The world’s first software-as-a-service (SaaS) IT Risk Assessment Tool

The Information Technology Risk Assessment Tool makes it easy to identify, assess, mitigate and manage IT risks

Generating Reports

Report Example

After completing the IT risk assessment a PDF report is generated as a ‘snapshot’ of the risk assessment that was conducted.

The attachment below is a sample of the report.

report-icon

The content of the report contains:

  • Inherent Risk Matrix and Description
  • Residual Risk Matrix and Description
  • Model Assessment Rating Scores
  • Detailed Answers

Inherent Risk Matrix

After completing the inherent risk assessment (e.g. Likelihood x. Impact) for each risk factor (question) an overall inherent risk score is generated which is plotted in the inherent risk matrix below which summarises the risk concentration across the model.

The number of risk factors for each inherent risk assessment combination are plotted into the cells to determine the number of questions across the model answered in a particular way.

ABCRAT-Report-Inherent-Matrix

Overall Inherent Risk Rating Descriptions

The overall inherent risk rating description assigned to each rating is described below.

ABCRAT-Inherent-Scale

Residual Risk Matrix

After determining the overall inherent risk rating the existence and effectiveness of any control measures are taken into consideration, which results in an overall residual risk rating which is plotted into the residual risk matrix and indicates the risk concentration. If there are a high number of risk factors appearing in the top left quadrants then this highlights the areas where the organisation needs to focus their attentions to mitigate these risks.

ABCRAT-Report-Residual-Matrix

Overall Residual Risk Rating Descriptions

The overall residual risk rating description assigned to each rating is described below.

ABCRAT-Report-Residual

Model Assessment Rating Scores

The key elements of the Model Assessment Rating Scores are:

  • Actual score – this is calculated based on the answer type score x. risk factor weighting. The answer type score can be 1 or 0 depending on how the risk factor is set up . This is the total score for each sub-category.
  • Maximum score – This is the maximum score possible based on the number of risk factors (questions) (e.g. 5 is maximum score per question)
  • % Weighting – This is the % weighting of the Group or Category across the entire model which is set during configuration and outlines the relative importance of Groups and Categories
  • Normalised Score –This is the weighted score (as opposed to a percentage) – the calculation of which is performed within the rule logic and adjusts automatically regardless of whether the user adds new Groups, Categories, Sub-Categories or Risk Factors (Questions)
  • Low, Medium or High – This determines for a particular sub-category what the threshold cutoffs are that determine whether the actual score is Low, Medium or High Risk, which is also set during configuration

All of the elements of this report can be configured.

aaa

Detail Answers

The detailed answers provided for every risk factor are also included in the report and provide a snapshot of how the risk assessment was answered.

Screen Shot 2014-07-09 at 6.47.54 am

 

 

Why not sign up for an obligation free trial today?

Contact us and we will provide you with access to a limited functionality no obligation free trial today!