Advantages of Risk Consultant
No two enterprises are the same, and neither are their security requirements. Risk Consultant will therefore dynamically generate questionnaires from 'knowledge base' modules that are specifically suited to the organisation, environment and system under review.
A major design feature is the modularisation of the Risk Consultant 'knowledge base' questionnaires. This enables modules to be targeted at personnel with the appropriate expertise and knowledge, and fully supports scheduling. For new developments, it also allows stage by stage assessment (design, development, acceptance testing and implementation).
Risk Consultant is designed to be truly self analytical. It can be used without the need for detailed security knowledge or expertise in using risk management software. There is no need to employ expensive consultants to 'back-up' the system.
The reports produced by Risk Consultant are NOT standard computer output. They are in the form of professional business reports and are suitable for interpretation by both technical and non-technical management.
Knowledge Base Customisation
Through the separately shipped Module Manager component all elements of the knowledge base can be changed, including question modules, weightings, recommendations, and output assessment text. This facility is important where an organisation wishes to alter the system to fit its own culture, or where a very specialist and possibly unique risk element has to be assessed.
What If ... ? Solution Testing
Risk Consultant fully supports 'hypothesis testing'. The impact that specific additional controls would have on the system's risk level can be dynamically ascertained.
On-line help is essential to enable full 'self analysis'. Risk Consultant provides help at both system level (to guide the user through the exercise) and question level to offer further explanation when addressing complex areas).
Copyright © 2002 C & A Systems Security Ltd
Web site created by Eon Web Design