Cyber Risk Assessment Functionality: Exception Tracking and Reporting

Tuesday, December 12th, 2023


Cyber security risk management solutions from DefenseStorm.

DefenseStorm’s cyber risk assessment solution has recently been updated with new functionalities, further enhancing its capabilities as a powerful cyber risk management solution with GRID Active Risk Assessment Exceptions.

DefenseStorm has recently updated its cyber risk assessment solution – GRID Active Risk Assessment – with new functionalities, further enhancing its capabilities as a powerful cyber security risk management solution.

GRID Active Risk Assessment just introduced Exceptions.

Institutions must track, monitor, and periodically report on exceptions. DefenseStorm, in our built for banking approach, understands this need and the impact these exceptions can have on your risk profile.

For example, your organization may have a policy against allowing access to file sharing websites (ex: Dropbox), but it’s recognized that an individual within a certain department has a business need, and access was approved by the appropriate parties.  With Exceptions, you can log an exception as a risk. For example, an exception can be created for “Sally has access to Dropbox” in your risk register.   You can schedule periodic reviews for exceptions to ensure the business case remains valid or to schedule remediation activities. You will receive reminder emails around these custom review schedules.

Users can link a control to leverage evidence collection from Tasks, Task Schedules, Incidents, and Triggers. You can also attach documentation directly into the Exception for ease of use during audit or examination preparation, and you can exclude Exceptions from your general risk assessments.

DefenseStorm is committed to providing solutions that stay ahead of the ever-changing threat landscape. We continually innovate and update our technologies to ensure that our clients receive the best possible protection against both known and emerging threats.

Jessica Caballero

Jessica Caballero

Senior Product Manager - Compliance

Jessica Caballero, Senior Product Manager Compliance and Risk, CERP, CRCM. Jessica was an examiner for the Office of the Comptroller of the Currency (OCC). After leaving the agency, and also worked as both a banker and a consultant focused mainly on compliance and risk management. Since 2015, Jessica has applied her subject matter expertise to the creation of technology solutions that solve critical problems for financial institutions. At DefenseStorm, she leads product decisions specific to compliance and risk as a Senior Product Manager. Jessica earned her bachelor’s degree in business economics from Texas State University and achieved the Certified Enterprise Risk Professional (CERP) and Certified Regulatory Compliance Manager (CRCM) designations from the American Banker Association (ABA).