Risk Registry - How Does It Work?

Risk Registry - How Does It Work?

Our team has been hard at work to bring you a new feature that will change the way your organization handles risk management.

We’ve listened to feedback from our users, conducted research on best practices, and are ready to unveil our latest feature: The SecurityGate Risk Registry!

The Risk Registry is an enhancement stemming from industry best practices that allow organizations to have a repository of identified risks that can be actioned on and documented within the platform.

We enable users to have a clearer insight into what risks are present and accept those risks through a documented process. This combines seamlessly with our assessment, remediation,and validation workflows to give you greater control over how you manage your risk.

How does it work?

1.     The workflow will parallel that of the Remediation process where users will have the option to action on assessment items that did not have full corresponding controls in place during the time of the assessment (usually meaning the answer to the original question was ‘No’, ‘Not Implemented’, etc.).

2.     Managers will be able to review rejected submissions and accept them to move to the next phase of the process. From there, the they will be able to work with internal stakeholders using any existing processes to gain approval; we’ve even added aRisk Acceptance Form to document consensus. We’ve done this to maintain the flexibility for you to incorporate your own process into the SG platform.

3.     If approved, the risk will move into the Closed/Accepted repository which acts asa house for any associated items.

 

This is just the first step.Depending on feedback from our users, we plan to iterate as we work towards improving the process and capabilities so that you and your team can focus on what you do best.

For any additional information, schedule a demo or get in touch with us here.