Rsam-Security Risk Assessment Software, Risk Analysis Software

A complete and accurate Risk Inventory is a critical element of any good risk management program. Risk Inventories provide organizations with a vital list of assets/elements providing value to the organization, their associated characteristics, and their associated risks and issues. A Risk Inventory may be a list of Vendors with various attributes (name, address, type of service, types of data shared, contact information, etc.), as well as a list of all Applications that host various classes of data. Organizations commonly will build Risk Inventories to track projects, lists of customers, list of risks and threats, or any other items with corresponding attributes that are important to capture, track, and report against.

An inventory is the foundation of any Risk Management program. With a good risk inventory, the organization can gain a deeper understanding of the assets it possesses, their value, their interdependencies, and provides process owners with the information to make informed decisions about how risks should be treated.

	Data Sheet
	Key Features
	Whitepapers

An organization, for example, may have 500+ applications within their environment. However, most organizations will not have the resources to conduct assessments of all 500+ applications with the same level of detail & accuracy. Instead, they may decide to prioritize their efforts based on the type of data stored within an Application, and weigh whether the application requires a full-blown, a light assessment or no assessment at all. Or, similarly, if a certain vendor provides a critical service or transmits/stores sensitive data, that will help determine the need and depth of a contemplated assessment. In this way a Risk Inventory provides organization critical information about what they possess and which areas should draw the greater focus in terms of their risk management efforts.

Risk inventories also provide critical information for managing ongoing risk and compliance efforts. If a new regulation is passed requiring the protection of specific data types or services, organizations need a good inventory to determine the impact of the regulation and to properly plan and manage the compliance efforts.

Rsam provides a flexible Risk Inventory solution that allows organizations to quickly and easily track risk and compliance information for assets, processes, projects, initiatives, and more. Each element may be recorded on its own, or may be related to other assets or elements that support them, establishing critical links for related assets and risk elements.

	Recording a list of anything is quite easily done in spreadsheets and home-grown solutions. The challenging part of these inventories or list is how to keep them updated and accessible to key stakeholders. Within Rsam, custom inventories are easily created and integrated into Rsam's overall Compliance Framework. Inventory form(s) are readily accessed and filled in by the requestor. The forms can then be routed to each appropriate individual involved in the inventory management process, gaining the appropriate sign-offs and keeping an audit trail of all such activity. The company's existing inventory elements can be easily replicated within Rsam, no matter how intricate, usually in a matter of minutes. Built-in dashboards and reports allow organizations to track and manage these elements. Using Rsam for Risk Inventory, organizations can:
		Setup your Risk Inventory Structure Setup a custom structure that is tailored to your organization needs with any number of data fields, with linking into other appropriate areas to depict relationships and dependencies
		Centralize & Import Data from One or Many Tools / Record of source Organizations can record (or import) inventory data from one or more tools. Rsam can import data from any XML, Excel, or delimited files, and from any ODBC-compliant database
		Keep the system updated by allowing self registration Have end users record and register new applications, projects vendors or any other inventory item and have them complete a simple form to record associated attributes.
		Automate your Process/Workflow Setup custom workflows based on your existing change management or inventory tracking processes. Setup alerts and escalation levels at appropriate areas.
		Intelligently prioritize and determine action plans Evaluate the extent to risk based on other relevant attributes and action plans and prioritize them.