Non Conformance Risk Category's

We have 2 Non-conformance logging, one is a database for internal or customer concerns or complaints about the products we manufacture, for our internal audit we just use a simple spreadsheet with a non-conformance Risk category, in a recent internal audit, it was suggested we also have a revised risk category after the manager has closed out with a corrective action. I don't think this is required. thoughts, please

Nothing is really required other than documenting them and managing that documentation, so do what you want.