[Sponsored] Earlier this year, SMART Security Solutions published an article about a new web app from Zulu Consulting designed to automate and streamline the enterprise risk management process. Risk-IO is a web app used on a PC, laptop, or smartphone. It is designed to help risk managers throughout the process.
The risk management process is a complex and intricate exercise that can often lead to vulnerabilities in a company’s operations if standards are not followed. The Risk-IO application manages this by guiding users through the process, whilst ensuring that standards are met at every stage.
Risk-IO uses the Define, Measure, Analyse, Improve, Control (DMAIC) methodology in a continuous loop to ensure accurate risk identification. DMAIC is a tool used to drive Lean Six Sigma projects, but is also relevant in other disciplines, such as risk management. It is a data-driven improvement cycle that optimises and stabilises processes and designs, assisting in designing and implementing effective mitigation processes.
Starting with data
The first part of the Risk-IO process is capturing the data into the application, which will guide users in reducing and maintaining an acceptable level of risk in their organisation and its various divisions. Naturally, as issues are dealt with, the system is updated, but to maintain the optimal efficiency level, Zulu Consulting advises updating the risk assessment every six months. This provides a clear picture of how the team improves the company's risk posture and allows management to continually focus on the most important issues.
Naturally, simply capturing data does not accomplish much. Therefore, at the end of each assessment, Risk-IO produces a report highlighting the various risks and their severity. The individual or team responsible for evaluating, analysing, and approving the report can weigh up the risk posture, provide specific recommendations, and escalate the issues that must be addressed.
As a multi-user application, different team members are granted access to the application, with varying permissions according to their job function and level. The escalation is handled within the app, which also notifies people and provides them with the information relevant to their task.
During the implementation of the mitigation plan, the administrator assigns activities to staff (or even external resources) that must be completed within a well-defined period. The app emails the task owners with their assignments and the next deadline. Failure to complete the tasks on schedule can result in escalation to notify management and allow them to address the issue.
This plan is an integral part of the project (it includes a first assessment phase and a second mitigation phase) and creates a Gantt chart for each mitigation action, in which tasks can be defined and human and economic resources assigned.
Risk-IO is a web app for companies of any size. It is designed to deliver a central, accessible, and manageable assessment of a company’s risk, even if the business is dispersed across multiple sites and continents.
For more information, contact Roberto Vitale at rvitale@zuluconsultingroup.com
© Technews Publishing (Pty) Ltd. | All Rights Reserved.
printer friendly version