Security Scorecard creation providing an executive point of view of the organization’s risks, including metrics indexes
Overview of the risks related to business, enabling you to prioritize investments according to each asset’s importance to the business
Risks evolution tracking and allowing you to generate trending analysis over the course of several assessments
Centralized management console for Risk and Compliance Management
Planning and management of security – using knowledge and monitoring the risks to the business
Geo-referenced Risks Overview
More Effective and Less Costly Audits
Managing security requirements in multiple audits, cutting off redundant costs and unnecessary controls
Demonstrating clearly the risks management performance in accordance to the laws, regulations and industrial standards
Gauge compliance with multiple standards with one at a time
Align internal standards with one or more industry standards
Supporting the implementation of Certification requirements for industry standards
Supporting the creation of Business Continuity plans, easing maintenance and quick recovery of information and procedures, in compliance with rule BS 25999 and other industrial standards
Optimized productivity of the internal team and qualification of the workforce through the use of constantly updated knowledge bases
Reports
One of the great challenges faced by the security managers is how to view risk-related information in a simple and integrated way. CiSACS uses the Risk WizardŽ technology, which makes it possible to generate different charts and tables, as well as to consolidate information and monitor indexes that support decision making. The system also allows security administrators to produce their own reports, in the format and order desired. Tables can be viewed on-screen, printed or saved to a MS-Word document. For the charts, there is a copy to memory option, which allows further pasting to a different document of any format. Tables are generally designed to meet technical specifications or management requirements, depending on each organization’s own culture. Charts are generally directed to the management-level or executive public. Results can be individualized or refer to a business component or asset, or yet to the consolidated result of several different components or assets, with options for display by business component, threat, perimeter, etc. Asset and even standards priorities set by the organization are taken into account throughout the analysis and reporting process. New reports can be generated instantly even after adjusting data “on the fly.”
CiSACS reports help companies compare the evolution of risk indicators, make investment decisions and establish priorities for the implementation of controls.
