Risk & Security

Risk management
  • ISO31000
  • ISO27005
  • NIS
  • COSO
  • COBIT
  • ERM
  • NIST

iFACTS supports Risk Management in an integrated flow to manage risks at all levels within the organization. Status and results are presented in reports & dashboards for easy follow-up and action.

The need for organizations to work systematically with risk management is steadily increasing and is mandatory for complying with regulations and laws. iFACTS' method for risk management is inspired by major frameworks such as COSO ERM and ISO 31000/27005, NIST. Risk management needs to handle different stakeholders and perspectives within strategic and operational risk management, as well as control & audit. These are separate activities that are all connected via the iFACTS system.

Risk management in four steps

  1. Scope: select which parts are included. Document the purpose and method.
  2. Risk identification: identify the risk scenarios to be assessed. Document how the selection is made, for example, by linking to a threat library.
  3. Risk assessment: assess the risk scenarios, for example, probability and multiple consequences.
  4. Risk reduction: mitigate the risks that are above acceptance levels. Re-assess after the preventive measures have been implemented.

The application offers support for multiple risk management methods, both qualitative and quantifiable. For example, vulnerability, impact, sensitivity, threat, SWOT, DPIA, third-party risk & TIA.

Reports & Dashboards

The Report Generator is used to define templates to create reports at an aggregate or detailed level using Microsoft SSRS and Report Builder. Reports can be based on archived or live data.

Report example:

  • Critical Risk List
  • Risk / Categories
  • Top Risks
  • Non-conformance Report
  • Risk Map
  • GDPR DPIA
  • Statement of Applicability (SOA)

Functionality

Risk Management is part of the iFACTS software platform, which offers configurable workflows for governance, risk and insurance management:

  • Access control and logging
  • Goals and follow-up
  • Requirements management
  • Calculations
  • Deviation/recommendation management
  • Incident management
  • Dependency mapping
  • Document management
  • Dynamic checklists / control surveys
  • Dynamic form and data builder
  • Notifications, To-do, and Activities
  • Web-based; no software installation required
  • Broad browser support, including mobile devices
  • The software can be installed in your own IT environment or offered via iFACTS' Swedish hosting partner as a SaaS solution.
Book demo

Benefits

iFACTS supports Risk Management in an integrated workflow to manage risks at all levels within the organization. Status and results are presented in reports & dashboards for easy monitoring and action.

Workflows

  • Dynamic set-up of risk flow
  • Support for the risk process: context, identification, assessment, treatment
  • Links to controls
  • A centralized and configurable risk management software
  • Regulatory compliance according to GDPR, ISO, COBIT, COSO, ERM, NIST
  • Risk reporting and aggregation
  • Links to threats, incidents, vulnerabilities, and early warnings
  • Links to business continuity and crisis management
  • Management of classified information and documents
Book demo

Contact

Mark Wijeyratne
Phone: +46 72 741 39 00
Email: mark.wijeyratne@ifacts.se

Case

Digitalized Control on Claims Management at Vattenfall Försäkring

“Potential differences in data between systems are caught at an early stage.”