ITRM (IT Risk Manager)
Techexpert in partnership with the Active Audit Agency has developed an ITRM automation system (IT Risk Manager). ITRM is designed to assess and manage information security risks in accordance with the requirements and recommendations of international standards. The system allows you to create a list of possible threats, conduct an assessment and analysis of risks, develop a risk treatment plan, evaluate and justify the costs of ensuring information security.
ITRM Opportunities
- Centralized storage of information on all risk assessment facilities
- Centralized storage of information on existing IT Security vulnerabilities, probable threats and risks associated with the implementation of threats
- Conducting a risk assessment for each information asset in accordance with international standards
- Development of a risk treatment plan and assigning tasks to executors for its implementation
- User access permissions to information in the system according to the role model
- Ability to operate simultaneously during risk assessment
- Sending notifications to owners of information assets about changes in the valuation
- Ability to view all actions on system objects
- Building reports with information on risk assessment, as well as a risk treatment plan with the possibility of uploading to Excel
Implementation of ITRM solves tasks
1
Determine the goals of IS management
2
Evaluate the main critical factors affecting the core business processes
3
Develop a conscious and informed decision to control them or minimize the impact of threats
4
Stand by the decision on the choice of specific technical and organizational security measures before company's management
Benefits for IT Security Dept
- Systematization of information assets and business processes related to risk processing
- Obtaining summary analytical information on risk assessment and risk treatment plan
- Reduced time spent on risk assessment
- Formation of a single information space for risk assessment
- Providing the necessary information for all participants in the process (owners and managers of business processes, employees of the IT Security department, IT Security officers)
Benefits for company
- Implementation of the solution and subsequent work with it will ensure economically sound company security
- Risk prevention measures will be implemented in particular for those areas of the company that are most vulnerable
- Risk management will be able to provide protection against risks and, as a result, increase the competitiveness of the enterprise
- Reports on existing threats will be useful to the company's management to assess the situation and implement strategic planning
Opportunities for integration
GLPI can be integrated with systems: AD / LDAP, Postal system. On a customer's request, we can integrate this risk management solution based on GLPI with IP telephony (Asterisk, Cisco, etc.).
ITRM is easy to implement!
No software costs
The solution is based on the open source software GLPI
Ready to use
It is a ready tool for the evaluation and treatment of risk information assets
No additional cost
You do not need to install additional client applications, any modern browser is sufficient