Introducing New Capabilities to Secureframe’s Risk Management Solution
Last month we announced our new enterprise-grade Risk Management solution built to provide fast, easy, and flexible ways to identify, assess, and manage risks so you can grow with confidence.
Today, we are excited to introduce more features and capabilities to the Risk Management solution so you can save time, streamline tasks, and improve collaboration.
New Risk Management capabilities
This latest release introduces powerful new capabilities so you can more easily implement and manage your current risk management system and associated tasks from a single, centralized place. These capabilities include flexible CSV uploads, document attachments, task management and notifications, and the ability to view and delete archived risks.
Flexible CSV uploads
Easily upload your existing risk register to the Secureframe platform without any pre-work. Our flexible CSV uploader provides an intuitive workflow that allows you to import your existing risk register into Secureframe without taking time to format it based on our templates.
After importing your CSV, the workflow guides you through matching the columns in your existing spreadsheet with the fields in Secureframe so you can seamlessly transfer the work you’ve already done and continue your risk management program more efficiently.
We now allow you to attach documents to individual risks so you can report the measures you are taking to treat and manage risk in your environment.
For example, if you marked a risk treatment as “transfer” during the assessment, you’ll want to provide evidence that you are actually transferring the risk to a third-party. Attaching supporting documents to individual risks, such as proof of cyber liability insurance, is another way to showcase the actions you are taking to reduce risk and build and maintain a strong risk posture.
Task management and notifications
Risk assessment is only the first step in building a strong risk management program. Taking action on risks, such as implementing mitigating controls, is critical to reducing risk. You can now create risk management tasks in the Secureframe platform with the option to send notifications via a preferred notification delivery method – email, Jira, or Slack.
When creating a task you will assign an owner, set a due date, add any additional details, and send a notification. Tasks and notifications improve collaboration within your organization and ensure you are completing tasks in a timely manner to maintain a strong risk posture.
View and delete archived risks
We now make it easy to view and track archived risks so you have visibility into historical data of the risks you’ve eliminated in your environment. To ensure your list of archived risks is accurate, you can now hard delete a risk from the archives, such as if a risk was added by accident or is a duplicate. All hard deleted risks cannot be reverted.
Quantitative risk assessment for Enhanced Risk Management
To further support enterprise organizations, we have expanded our Enhanced Risk Management offering to include quantitative risk assessment using the Annualized Loss Expectancy Methodology. This methodology delivers a more precise understanding of a risk in terms of financial loss.
In the risk assessment workflow, you can now calculate the Single Loss Expectancy (SLE) and the Annual Loss Expectancy (ALE). The SLE calculates your financial loss due to a single event based on the value of the asset and the percentage of the asset that would be impacted. The ALE calculates your annual losses based on the SLE, the rate an event could occur in a year, and how certain or uncertain you are about the numbers you provide. By calculating the SLE and ALE of an asset you can make objective decisions to reduce risk and potential losses for your growing organization.