The world’s first software-as-a-service (SaaS) IT Risk Assessment Tool
The Information Technology Risk Assessment Tool makes it easy to identify, assess, mitigate and manage IT risks
After completing the IT risk assessment a PDF report is generated as a ‘snapshot’ of the risk assessment that was conducted.
The attachment below is a sample of the report.
The content of the report contains:
- Inherent Risk Matrix and Description
- Residual Risk Matrix and Description
- Model Assessment Rating Scores
- Detailed Answers
Inherent Risk Matrix
After completing the inherent risk assessment (e.g. Likelihood x. Impact) for each risk factor (question) an overall inherent risk score is generated which is plotted in the inherent risk matrix below which summarises the risk concentration across the model.
The number of risk factors for each inherent risk assessment combination are plotted into the cells to determine the number of questions across the model answered in a particular way.
Residual Risk Matrix
After determining the overall inherent risk rating the existence and effectiveness of any control measures are taken into consideration, which results in an overall residual risk rating which is plotted into the residual risk matrix and indicates the risk concentration. If there are a high number of risk factors appearing in the top left quadrants then this highlights the areas where the organisation needs to focus their attentions to mitigate these risks.
Model Assessment Rating Scores
The key elements of the Model Assessment Rating Scores are:
- Actual score – this is calculated based on the answer type score x. risk factor weighting. The answer type score can be 1 or 0 depending on how the risk factor is set up . This is the total score for each sub-category.
- Maximum score – This is the maximum score possible based on the number of risk factors (questions) (e.g. 5 is maximum score per question)
- % Weighting – This is the % weighting of the Group or Category across the entire model which is set during configuration and outlines the relative importance of Groups and Categories
- Normalised Score –This is the weighted score (as opposed to a percentage) – the calculation of which is performed within the rule logic and adjusts automatically regardless of whether the user adds new Groups, Categories, Sub-Categories or Risk Factors (Questions)
- Low, Medium or High – This determines for a particular sub-category what the threshold cutoffs are that determine whether the actual score is Low, Medium or High Risk, which is also set during configuration
All of the elements of this report can be configured.
Why not sign up for an obligation free trial today?
Contact us and we will provide you with access to a limited functionality no obligation free trial today!