Keeping you compliant
Introduction
Riesgo Risk Management is a tool that automates the process of risk management for BS7799, ISO/IEC27001 and ISO9001. It helps Information Security Managers, Information Security Consultants, Business unit owners, Asset owners and Auditors to adequately assess an organisation’s compliance with the controls associated with the objectives. The tool resolves the majority of the compliance and audit issues faced by most organisations that adhere to the principles of ISO9001, BS7799 and ISO27001 by enabling an automated process that provides inherent reporting.
Designed to resolve problems
Riesgo risk management tool was designed by Information Security Consultants and Auditors, information security professionals with over 35 years of accumulated experience, who devised the solution as a result of resolving issues surrounding risk management and compliance. Some of the key concerns that have been resolved include:
- Continual document update
- Policy dissemination
- Automated reminders on key items and activities
- Ability for issues raised by departments to be linked into ISMS forum
- Incident alerting
- Linkage between ISMS forum and Departmental reports
- Internal Audit visibility and end to end engagement
- Automated alerting system
- Project inclusion
- Consolidated asset management
- Linkage between risk logs, assets and risk treatment
- Real time risk assessment on projects or departments
Most other Risk management solutions provide a tedious process that makes it almost impossible for Business units to sustain the engagement.
Benefits to stakeholders in the organisation
Riesgo risk manager benefits a number of departments and positions in the organisation. As more and more organisations have to attain and maintain a security standard like ISO9001 and ISO/IEC27001, keeping the certification is paramount to your continued success. The following are some of the stakeholders that benefit from Riesgo Risk Management:
- IS manager
- Data Protection department
- Risk Management department
- Internal Auditor
- External Auditor
- Project Manager
- ISMS committee
- Heads of Department
- Business owners
- Asset owners
- Risk managers
- Helpdesk Manager
Custom built
Each organisation is unique when it comes to information security management and your organisation needs to be reflected in the design of the solution. Riesgo risk management tool is custom built for each client and we ensure that you are able to utilise the information captured by the system and leverage the cost across various other areas. From the initial analysis and pilot, we will architect a solution to cater for your current as well as prospective needs whilst also taking into consideration your growth/change project over the years to come. Once your pilot is completed, you will be able to tell us, during our evaluation phase, what your specific needs are so that we can accommodate them in the design and they can be signed off during your user acceptance testing.
The complete picture
Riesgo Risk Management gives you the complete picture of your organisation. You will be able to link ISMS forum responsibilities with departmental activities.
The Dashboard
Riesgo risk management is based on a dashboard. Account holders will be able to log on and see the level of information commensurate with their role. The big picture will be available to Auditors, ISMS forum members and the IS Manager.
The architecture
Riesgo Risk Management provides you with the following:
- Asset register
- Risk register
- Audit reporting facilities
- Policy manager
- Issue Management from Departments to the Forum
- Risk assessment
[Figure: Riesgo Architecture. Diagram elements: ISMS forum members; EXEC; IS policy review & approval; Risk management dashboard; IS Manager; Risk Treatment plan; Risk register; Risk logs; Asset register; Asset list; Department Points of contact; Procedures.]
The Auditors view
One of the key concepts of Riesgo Risk management is to provide visibility to both Internal and External auditors. Auditors will have the unique ability to see historical data about transactions as well as see in real time how departments and projects stand in relation to compliance. The main tool is the dashboard, which provides a high level view with alerts on high and medium level risks as they relate to the projects and departments. The Auditor will then have the ability to drill further down and see detailed information about each module, organised by department where departments are concerned, down to transcript level.
Getting started
To get started we invite you to participate in our pilot that will allow you to see how the process works for the first two modules:
The test pilot will allow you to perform the following activities:
- Create an organisation
- Create an IS manager
- Create an ISMS forum
- Send invitation and log on credentials to your ISMS forum members
- Create a Departmental Point of contact
- Create an IS policy in review (Draft policy)
- Send the draft policy for review
- Your ISMS forum members will be able to log on and review, feed back and approve
- IS manager will be able to promote the IS Policy in review to live
- The document will have a review frequency set and date for next review automatically set
- Notification emails will be sent to all your ISMS members and Departmental points of contact
- ISMS manager will be able to disseminate the Policy to the organisation
- Auditor will be able to log on and see all the transcripts to support the controls
- Auditor will be able to provide feedback to the ISMS forum directly
By following these steps with our approved templates, your organisation will have demonstrated compliance with IS security policy document and Information security organisation. You will also be able to print out a number of the reports that can be used to demonstrate the activities carried out, or export them to other tools as part of compliance.
For a test pilot account, contact us today:
Ben Oguntala, Technical Director
Riesgo Risk Management
No. 14, 100 Westminster bridge road, London SE1 7XA, England, United Kingdom
Email - info@riesgoriskmanagement.com
Telephone - 07812 039 867
Website - www.riesgoriskmanagement.com