Upload
buitram
View
232
Download
0
Embed Size (px)
Citation preview
DATASHEET
Risk Manager for IRAM2
The Challenge
Information risk methodologies provide a structured and consistent end-to-end approach for
managing an organisation’s information assets within acceptable levels of risk tolerance.
IRAM2 is the ISF’s latest methodology for identifying and assessing information risk, which
has gained substantial traction with many global Member organisations, due to its holistic
nature and rigour.
The Need
Information is critical to all organisations, as such informing key
stakeholders of the risks to key information assets is now a business
requirement. As the ability of adversarial threats such as organised
criminal group, privileged employees that cause significant harm to
organisations’ reputation, operations and financial results continues
to grow - there is a greater need for organisations to have rigorous
understanding of the risks to our environment (s). IRAM2 is the ideal
methodology to achieve this.
“One of the main benefits
is that we now have a
central view of compliance.”
IT Compliance Manager,
Global Travel Company
The Solution
SureCloud has recognised these challenges and
has created an Application called Risk Manager
for IRAM2 to address these issues. Risk Manager
for IRAM2 has been developed in conjunction
with key ISF community members and has been
designed with the key objectives of repeatability,
efficiency and usability in mind.
Individual assessments have been streamlined
and no longer exist as standalone activities.
Multiple assessments can run in parallel and
changes made retrospectively without having
to repeat every subsequent step. These are
supported by SureCloud’s shared libraries (for
example Assets, Threats and Controls) that
will continue to grow over time. Risk Manager for IRAM2 also provides aggregated real-time
reporting of information risk on interactive and customisable dashboards.
US: +1 651-256-9503 UK: +44 208-012-8544 Email: [email protected] www.surecloud.com
© SureCloud Limited 2017. All rights reserved.
The Outcome – value to the business
DATASHEET
✔ Centralisation: Cloud-based solution for centralised visibility and contribution
✔ Efficiency: reduces the number of steps to complete an individual assessment from 21 to 10
✔ Easy setup: new ‘Getting Started’ phase helps organisations to setup shared libraries – such as impact categories, assets, components, threats, attributes, events, controls and appetite
✔ Enhanced reporting: provides a holistic view of risk across the organisation for management
✔ Repeatability: preconfigured content with established relationships (for example, between threat events and controls)
✔ Real-time: all aggregated data is displayed live using interactive and customisable dashboards
✔ Multi-entity: assessments can be business entity or department specific, referencing the same or alternative supporting libraries
✔ Flexibility: retrospective changes to assessments are instantly applied through all subsequent steps without rework
Compliance Manager and ISF SoGP
Together with Compliance Manager, pre-
loaded with the ISF Standards of Good
Practice or Security Health check, an
organisation can ensure that its operational
controls are appropriate and effective for the
risks identified using the IRAM2 methodology.
About Us
SureCloud is a provider of GRC Applications and Cybersecurity Services. Our Cloud Platform has helped 100s of blue chip businesses and 1,000s of users to improve productivity and efficiency by replacing and automating spreadsheet based risk and compliance processes. In addition, our cybersecurity testing and assurance services team help organisations secure their information assets, systems and networks as well as providing a holistic view of cyber risk
using the SureCloud Platform.
The GRC Suite Risk Manager for IRAM2 is one of several complementary products in our Governance, Risk
and Compliance suite, hosted on the SureCloud platform. SureCloud’s GRC suite will support
the execution of your business strategy and objectives.
SureCloud Platform
ComplianceManager
IncidentManager
AuditManager
SecurityManager
forVendor
Risk
forCSR
AssessmentManager
forOp. Risk
forIRAM2
RiskManager
“We’ve become far
more efficient and have made
substantial time savings by using the
SureCloud Platform,
as many of the larger solutions
would have taken years to
implement.”
Vince Pillay, Chief
Information Security Officer,
Domestic & General