5 out of 5 (1 Ratings)
Feb 3, 2017
Innovative GRC concept, very complete in its basic package, but open to flexible customisations. Provides a Risk Management module that maps with the risk workflow across the processes, the Information Classification, Asset Characterization and Correlation module in addition to the Scenario Modeling. The Risk Assesment module allows for defining the Threats, Vulnerabilities, Controls and Countermeasures, executing the Risk Assesment and calculating the Risk and performing what-if-analysis to simulate the results of possible treatment plans. The experience was excellent, the tool is currently fully embedded into the IT development life cycle process, the Enterprise Risk Managment process and the Incident Management process, providing detailed and executive insight to the levels of security maturity and compliance of each of the assets implemented.