To be honest, Ganesh, I probably would not think of risk as being open or resolved. These make sense for issues or action items.
Let's work through the life cycle of a risk
1. The risk is identified
2. The risk is assessed. You may want to have different statuses for qualitative and quantitative assessments.
3. The risk is controlled. You may want to identify all the control actions taken: avoidance, mitigation, transfer, acceptance
4. The risk is triggered. From that point, you are in contingency mode. Once resolved, the risk goes back to control.
6. The risk is closed. Some risks are never closed, for example, hazards.