Do you need help?
Do not hesitate to contact us, without any obligation.
Comprehensive operational risk management requires an IT risk analysis capable of correctly assessing whether governance and internal control systems adequately cover IT systems and associated risks.
To this end, the Augeos IT Risk Management solution (hereafter: AIT Risk) offers a range of features for the Risk Management department and the IT function to facilitate the implementation of a uniform IT risk management strategy.
More specifically, AIT allows you to perform:
- A risk assessment through the adoption of methodologies based on industry standards and/or internal policies taking into account the expected scenarios, including adverse scenarios related to critical IT systems
- A general governance capable of framing ICT-related responsibilities within a solid and transparent structure, with evidence of all the necessary information components (asset inventory, catalogs of scenarios and threats, control system).
- An analytical view that takes into account the computer incident logbook
- A clear ability to summarize and document the results
AIT Risk is a component of Augeos’ GRC platform. By virtue of this nature, the solution automatically inherits a number of basic features that allow you to manage:
- Profiling (also through SSO procedures) and user maintenance
- Roles and permissions
- The structure of organizational units
- Insertion, editing and removal functionality directly through web interfaces (cc.dd. “CRUD functionality” – Create, Read, Update, Delete)
- Massive loading of spreadsheets structured according to standard templates
- Synchronization/alignment procedures from third-party sources
- Native integration with other modules of the Augeos GRC platform, such as:
- The management component of the Action Plans
- The system for defining and monitoring Risk Indicators
The prerequisite for any risk analysis is to use all available information sources correctly so that you have a clear view of what the keys to reading plausible scenarios might be.
AIT Risk provides a series of functionalities designed to support the user in the creation and management of the information sources necessary for:
- Frame the responsibilities related to ICT within a solid and transparent structure
- Define expected scenarios, including adverse scenarios related to critical IT systems
- Establish the risk categories represented by the likely threats compared to the reality in which you are operating
- Accurately implement a system of controls to effectively mitigate IT risk
The information can be managed both at the system level through insertion (even massive), removal, modification functions subject to specific user permissions, and through synchronization mechanisms with third parties.