The RiskComp application has been designed to support risk and
compliance management for different sectors and purposes,
although it originated in the Information Security Management
community. This is made all the more obvious by the fact that
the first two Expertise areas to be launched for use with the
RiskComp application are for Operational and Information Risk
Management, and for ISO 17799 (standard for Information
Security Management) Compliance Management.
ISO 17799 Compliance Management Expertise
The RiskComp approach to compliance management closely relates
to the Plan-Do-Check-Act model used in the ISO standards for
Information Security.
RiskComp uses an objective, Expertise-driven,
questionnaire-based approach to ISO 17799 Compliance
Management, and RiskComp Ltd. is licensed by the British
Standards Institute (BSI) for the provision of this solution.
Operational and Information Risk Management
Operational and Information Risk Management is the practice
of assessing and managing the risks of Information, any
associated Information Systems, and business operational
practices within an Organization.
The Operational and Information Risk Management Expertise has
been developed based on many years' practical experience and
research, and has recently been reviewed and updated to
ensure all current threats and controls are carefully taken
into consideration. This Expertise is also closely aligned
to both the International ISO/IEC 17799:2005 and British
BS7799-3:2006 standards.