WCK software was designed to help organizations in every aspect of their security and IT risk management process, by using a methodology that eases the daily workflow and allows for speedy implementation and intuitive and easy ongoing maintenance.
WCK End-to-End Security Assessment (EESA™) is a comprehensive risk assessment model that connects the dots between detailed technical findings and business services and processes.
This approach makes it easy to understand the business implications of IT risks and to uncover hidden vulnerabilities by analyzing the dependencies between the logical, software and physical assets of the organization. The platform addresses the daily concerns of IT and security officers:
Deploying a GRC solution to improve your cyber and IT risk management process is usually time consuming and labor intensive.. To meet this challenge, WCK GRC offers a unique and pragmatic deployment process, which results in an accurate risk posture within days of installation. The quick implementation and the immediate results show significant value in a short period of time, ensuring management support at an early stage.
Preliminary Configuration and Legacy Information Import: ~ 1 Week
Preliminary configuration includes the definition of basic elements such as the organizational structure, organizational assets, criticality, and more. The organization’s legacy information (prior audits, penetration tests, etc.) is imported via automated feeding or via Excel spreadsheets.
Visual mapping of assets and their relationships clearly demonstrates
interdependencies between systems / processes / entities at a glance
Following this stage, security officers can already view the overall risk status and utilize bSRM’s decision tools, remediation workflows, reminders, alerts, reports and dashboards. Reviews can be created and managed based on templates already existing in the organization (imported through Excel spreadsheets).
Fine-Tuning: ~ 5 weeks
Policies are fine-tuned and uploaded to the system. Recent reviews based on the newly created questionnaires are added as well.
Once the risk posture is available, you can investigate each critical risk, its status, who is responsible and how it affects compliance or security status. Easy navigation is available from the business process or organizational unit to the specific ticket or finding. This allows you to:
High-level risk view
The built-in remediation workflow allows you to manage remediation efforts and their progress, and manage issues before they become bottlenecks. It enables you to:
With bSRM, you can monitor multiple, simultaneous compliance projects with dedicated compliance dashboards. The compliance management allows you to:
Compliance high-level risk view
Predefined and customized dashboards with drilldown and root cause analysis options help you monitor risks from different perspectives such as business processes, organizational units, suppliers and IT systems, to name just a few. There are a variety of predefined and tailored reports which facilitate customized communication with multiple stakeholders including the CEO, CIO, CSO. CFO and COO using:
Flexible dashboard and reports can be customized based on multiple parameters
A customized dashboard view