The software’s risk analysis function enables the uniform support of the company’s various types of risk analysis. The different types of risk analyses in a number of different areas can be run concurrently, the results of which can be managed in a uniform approach in the interest of implementing and supporting integrated comprehensive enterprise risk management (ERM).
- Information security (CIA)
- Physical security
- Data security (PIA or DPIA)
- Business and process-based risk analysis
- Critical system – MI NDGDM [Ministry of the Interior, National Directorate-General for Disaster Management]
- Ad hoc, project-based
One or more, separately managed risk analysis threads/packages can be launched in the RISK module, with separate responsible persons and assessors. These can be various types of risk analyses or the separate risk analyses of separate areas.
The scope of the various risk analyses can be flexibly adjusted as regards threats and/or resources, so full-scale or partial (or ad hoc)/project-based risk analyses can be performed as well, or the security of other company areas (IT, physical, human resource, business security, and data protection) can also be taken into assessment. The risk analysis can be carried out periodically or continuously according to the needs of the organization.