RiskComply highlights

 

RiskComply is the tool to support the range of Governance, Risk Assessment and Compliance processes in relation to Information risks, but also to other risks such as Business risks, Operational risks, Business Continuity risks, etc. The following picture shows the process plate that guides the user through the risk management process.

 

Governance is the process of designing and maintaining the risk policy of the company. Governance in RiskComply assists the company in designing and maintaining its risk governance by allowing it to register and maintain Control domains, Control objectives, Controls, Measures, Evidence and Threats.

 

Governance assists in the upload of different kinds of standard control sets (e.g. ISO27002, NEN7510), by providing the possibility to upload Controls, Measures and Threats.

 

BIA, short for Business Impact Assessment, supports the process of assessing the Business Impact on the organization due to a breach of CIA (Confidentiality, Integrity and Availability). RiskComply supports registering a new asset and performing a BIA based on a CIA classification, and it also supports the sign-off process for the BIA.

 

Compliance is the process of checking the level of risk against the control set based on the BIA.

 

Risk Assessment is the process of managing risk mitigation within the company. RiskComply supports comparing the level of risk mitigation against the risk appetite of the organization. It shows the residual risks, and has an option to add Controls, Measures, Threats, etc. applicable only to the particular asset.

 

Action Planning is the process of accepting the risk assessment including the residual risks, planning actions, and managing and monitoring the implementation of actions. RiskComply supports all these processes.

 

Reporting gives an impression of the risk status of the organization from different angles. RiskComply provides a rich set of reports.