Do you need help?
Do not hesitate to contact us, without any obligation.
To complete the computer risk analysis is often used all that information related to the historical series of accidents to which it is useful to refer in terms of benchmarks in the identification of occurrence frequencies.
AIT Risk provides a configurable system to accommodate such information that can be used both as a simple container of data from external sources and as a structured collection intrument for cyber accidents.
The first case copes with situations where the registry is managed externally compared to AIT Risk. In these circumstances it is possible to take advantage of alignment procedures (manual or automatic) that allow you to synchronize information without the involvement of organizational structures, content completion processes, validation activities.
The second option allows you to use AIT Risk directly to capture data related to cyber accidents by providing a workflow that can be triggered both on the periphery (for example, in branches) and centralized (for example, at the level of Areas or Directorates). In the latter hypothesis, the system allows to involve different organizational structures according to their competence, precisely establishing the relevant contents and completing the information step by step with a view to validating the data.
If the RiskShelter solution is also present in the same GRC installation to manage operational risks, then it is possible to define how to proceed with a synchronization of reports collected on RS with IT incidents (for example, defining how and how an IT incident should also be handled in the form of an operational loss event).