Cyber Risk Assessment Functionality: Exception Tracking and Reporting

Cyber Risk Assessment

DefenseStorm has recently updated its risk assessment solution – GRID Active Risk Assessment – with new functionalities, further enhancing its capabilities as a powerful cyber security risk management solution.

GRID Active Risk Assessment just introduced Exceptions.

Institutions must track, monitor, and periodically report on exceptions. DefenseStorm, in our built for banking approach, understands this need and the impact these exceptions can have on your risk profile.

For example, your organization may have a policy against allowing access to file sharing websites (ex: Dropbox), but it’s recognized that an individual within a certain department has a business need, and access was approved by the appropriate parties.  With Exceptions, you can log an exception as a risk. For example, an exception can be created for “Sally has access to Dropbox” in your risk register.   You can schedule periodic reviews for exceptions to ensure the business case remains valid or to schedule remediation activities. You will receive reminder emails around these custom review schedules.

Users can link a control to leverage evidence collection from Tasks, Task Schedules, Incidents, and Triggers. You can also attach documentation directly into the Exception for ease of use during audit or examination preparation, and you can exclude Exceptions from your general risk assessments.

DefenseStorm is committed to providing solutions that stay ahead of the ever-changing threat landscape. We continually innovate and update our technologies to ensure that our clients receive the best possible protection against both known and emerging threats.