DATASHEET

Risk Manager for IRAM2

The Challenge

Information risk methodologies provide a structured and consistent end-to-end approach for

managing an organisation’s information assets within acceptable levels of risk tolerance.

IRAM2 is the ISF’s latest methodology for identifying and assessing information risk, which

has gained substantial traction with many global Member organisations, due to its holistic

nature and rigour.

The Need

Information is critical to all organisations, as such informing key

stakeholders of the risks to key information assets is now a business

requirement. As the ability of adversarial threats such as organised

criminal group, privileged employees that cause significant harm to

organisations’ reputation, operations and financial results continues

to grow - there is a greater need for organisations to have rigorous

understanding of the risks to our environment (s). IRAM2 is the ideal

methodology to achieve this.

“One of the main benefits

is that we now have a

central view of compliance.”

IT Compliance Manager,

Global Travel Company

The Solution

SureCloud has recognised these challenges and

has created an Application called Risk Manager

for IRAM2 to address these issues. Risk Manager

for IRAM2 has been developed in conjunction

with key ISF community members and has been

designed with the key objectives of repeatability,

efficiency and usability in mind.

Individual assessments have been streamlined

and no longer exist as standalone activities.

Multiple assessments can run in parallel and

changes made retrospectively without having

to repeat every subsequent step. These are

supported by SureCloud’s shared libraries (for

example Assets, Threats and Controls) that

will continue to grow over time. Risk Manager for IRAM2 also provides aggregated real-time

reporting of information risk on interactive and customisable dashboards.

US: +1 651-256-9503 UK: +44 208-012-8544 Email: sales@surecloud.com www.surecloud.com

© SureCloud Limited 2017. All rights reserved.

The Outcome – value to the business

DATASHEET

✔ Centralisation: Cloud-based solution for centralised visibility and contribution

✔ Efficiency: reduces the number of steps to complete an individual assessment from 21 to 10

✔ Easy setup: new ‘Getting Started’ phase helps organisations to setup shared libraries – such as impact categories, assets, components, threats, attributes, events, controls and appetite

✔ Enhanced reporting: provides a holistic view of risk across the organisation for management

✔ Repeatability: preconfigured content with established relationships (for example, between threat events and controls)

✔ Real-time: all aggregated data is displayed live using interactive and customisable dashboards

✔ Multi-entity: assessments can be business entity or department specific, referencing the same or alternative supporting libraries

✔ Flexibility: retrospective changes to assessments are instantly applied through all subsequent steps without rework

Compliance Manager and ISF SoGP

Together with Compliance Manager, pre-

loaded with the ISF Standards of Good

Practice or Security Health check, an

organisation can ensure that its operational

controls are appropriate and effective for the

risks identified using the IRAM2 methodology.

About Us

SureCloud is a provider of GRC Applications and Cybersecurity Services. Our Cloud Platform has helped 100s of blue chip businesses and 1,000s of users to improve productivity and efficiency by replacing and automating spreadsheet based risk and compliance processes. In addition, our cybersecurity testing and assurance services team help organisations secure their information assets, systems and networks as well as providing a holistic view of cyber risk

using the SureCloud Platform.

The GRC Suite Risk Manager for IRAM2 is one of several complementary products in our Governance, Risk

and Compliance suite, hosted on the SureCloud platform. SureCloud’s GRC suite will support

the execution of your business strategy and objectives.

SureCloud Platform

ComplianceManager

IncidentManager

AuditManager

SecurityManager

forVendor

Risk

forCSR

AssessmentManager

forOp. Risk

forIRAM2

RiskManager

“We’ve become far

more efficient and have made

substantial time savings by using the

SureCloud Platform,

as many of the larger solutions

would have taken years to

implement.”

Vince Pillay, Chief

Information Security Officer,

Domestic & General