Integrated Management Systems
Risk visibility
Rapid deployment
Easily configurable
Intuitive
On-premise or SaaS
Enterprise GRC Software
With STREAM you can automate individual or multiple integrated management
systems, such as an ISO 27001 Information Security Management System and a wide range of
other management systems for cyber security, business continuity, health, safety and
environmental, quality or supply chain management. STREAM supports all aspects of the
international management system Plan, Do, Check, Act (PDCA) Cycle.
Risk quantification
Plan (Establish the Management System)
• Record assets and scope
• Specify risk and control assessment approaches, measurement criteria and thresholds
• Tailor the risk assessment scheme
• Identify, analyse and evaluate risks
• Identify and evaluate risk treatment options
• Review residual risk and present for approval
• Report on Top 10 risks by MS or across multiple MSs
• Prepare a Statement of Applicability
Check (Monitor & Review the MS)
• Log incidents and near misses
• Record the impact of incidents and link to risks and controls
• Tailor the incident recording criteria
• Report on incidents and near misses by MS or across multiple MSs
• Monitor the performance of key control indicators and key risk indicators
• Report on control effectiveness, history and trends
• Review risk assessments
• Monitor risk status against risk appetite and risk acceptance
• Report on risk history and trends
Do (Implement & Operate the MS)
• Formulate a risk treatment plan
• Measure and monitor the effectiveness of controls
• Tailor the control assessment scheme
• Report on the effectiveness of controls by MS or across multiple MSs
Act (Maintain and Improve the MS)
• Raise improvement actions, assign ownership and target dates, and link to supporting documents
• Track improvement actions
• See the effect of completed actions on risk registers and reports
Contact Us
For further information on STREAM or Acuity Risk Management, please contact us:
www.acuityrm.com
+44 (0) 20 7297 2086
@AcuityRM
Acuity Risk Management
Example Risk Register (single MS)
Example Group Summary (multiple MSs)