Framework for Improving Critical Infrastructure Cybersecurity is a set of industry standards and best practices to help organizations manage cybersecurity risks developed by the National Institute of Standards and Technology. The Framework uses a common language to address and manage cybersecurity risk in a cost-effective way based on business needs without placing additional regulatory requirements on businesses. The Framework focuses on using business drivers to guide cybersecurity activities and considering cybersecurity risks as part of the organization’s risk management processes. The Framework consists of three parts: the Framework Core, the Framework Profile, and the Framework Implementation Tiers. The Framework Core is a set of cybersecurity activities, outcomes, and informative references that are common across critical sectors, providing the detailed guidance for developing individual organizational Profiles. The Framework will help the organization align its cybersecurity activities with business requirements, risk tolerances, and resources. The Tiers provide a mechanism for organizations to view and understand the characteristics of their approach to managing cybersecurity risk. This assessment is based in version 1.1 published in 2017 to include the supply chain. The possible risks, hazards and preventative measures are covered and can be extended to, added to and adapted to suit your situation. more...
Cyber Risk Store. When you purchase this risk assessment you will be able to access all the risks, hazards and causes from best practice risk assessments from within the Store. In this way you can leverage 100s of hazards, the combined knowledge of many risk experts when modifying the risk assessment to your context.
Standards,Best Practice & Regulations. If your company is following one of the international risk frameworks such as ISO, Coso, Cobit or ITIL you have the option to choose the standard and implemented it in this risk assessment. This will avoid research and manual adjustments of terminology. The framework can be changed from within your account as many times as you wish. Please note the default settings are suitable for companies who do not wish a risk framework.
Expert System. Segmantics is designed to be better at key tasks in the risk domain than office tools and enterprise systems. In the Risk Manager you will be able to amend the risk assessment to fit your particular situation. A fast and intuitive work surface enables you to brainstorm with your colleagues. On the left hand side of this surface is where the risk assessment can be viewed and edited. On the right hand side controls are created and tagged to risks. This surface enables you to quickly build an insightful risk assessments and model complex relationships. In addition, you can add your colleagues to the account so that you can all work on and share the same information. The process of adaption and learning is important in the risk field and you can copy risk assessments and adapt them as necessary. At the end of this process you will have risks, cause/hazards, residual risks and controls all identified.
Controls & Operations. Once the risk assessment is complete you can use the operations service. This will put the risk assessment into operations in your company and drive improvements and compliance. The systems will instantiate the controls into calendars, and allocate responsible users to the controls and optionally allocate actions and provision the system so that tasks are completed or expedited. Management oversight is made simple with the use of charts and diagrams. Full traceability from operational events to the risk assessment is maintained. Senior management, quality assurance, audit, legal and regulatory areas of your company will benefit from operational implementation.
In addition for those that wish to automatically integrate data from other systems into Segmantics so that the controls can be based on real time data an API service is available. If you would like to add this functionality please contact Segmantics.
Integrated Reports. Throughout the site you can access reports in hard and soft copy. These reports will summarise the risk assessments and operational implementation. These can be used to improve operations and address assurance and insurance requirements.
Help & Support. Help and support is available 24 hours per day.
available risk analysis methods
For further information please call +44 (0) 203 286 4556
* Disclaimer: Risk assessments from the Risk Store are provided as guidance only. Segmantics and its content partners are not responsible for how they are amended and used in practice by users of the application.