The Allgress Risk Register measures multi-level quantitative and qualitative risks and identifies key information security risks that should be considered in broader enterprise-wide operational risk models. The module enables you to manage, score and report on organizational wide risks in one place. By providing visibility into a wide range of risk disciplines from the executive suite all the way to the line level in the organization, you are able to glean a holistic view of your risk posture.
Risk management can be cumbersome, time-consuming, inconsistent and subjective; and organizations are lacking a comprehensive picture of their risk posture for executives. The Allgress Risk Modules streamline the risk management process, enabling you to quickly articulate your risk posture. By leveraging existing information (assets, vulnerability scans, controls assessments, etc.), you are able to report on that data to reveal current risk status, previous milestones and “what-if” scenarios.
KEY FEATURES & BENEFITS
• Fully customizable scoring function for both inherent and residual risk.
• Complete workflow with alerting capability for risk assessment and risk mitigation tasks.
• Associates risks to business units, vendors, compliance standards and internal policies.
• Fully customizable risk attributes used to add meaningful detail to risk items.
• Provides assignment and ownership to organizationally defined risk roles.
• Risk Dashboards, trends, summary, and detail reporting.
• Supports scheduled and event based actions.
• Business aligned segregation of authority, roles, and authorization.
• Score and prioritize risks based on the likelihood of threat occurrence, the degree of control implementation and the level of control effectiveness.
• Provide a repeatable, intuitive and unified workflow for managing, alerting on, mitigating and remediating risk.
• Provide actionable information for all enterprise stakeholders.
• Employ a common risk management schema, ensuring everyone in the organization ranks risk similarly; enabling business units to speak the same language.
• Associate risks to business units, vendors, compliance standards and internal policies.
• Provide a holistic “at a glance” risk-based views of your organization wide security posture.
• Translate operational and tactical risk data into meaningful information, enabling communication to various levels of management via risk dashboards, trends, summary and detail reporting.
• Defend compliance budgets by demonstrating budget history in relation to risk over given periods.