Solutions Overview

 

WCK GRC  is a  unified cyber risk and compliance management solution that can present actionable business intelligence to the CEO, CIO, CISO, CRO, Compliance Officer and other company executives.

 

What makes WCK different?

Most enterprises recognize that the risk and compliance process calls for automation. They understand that their existing office and spreadsheet solutions do not provide the management insight they need from the’ the large amount of findings collected from reviews, audits and automated tools.

But GRC software has gotten a bit of a bad reputation, largely due to:

  • the high cost, time and failure rate of risk and compliance implementations – they require significant upfront time and investment to customize and model
  • Lack of analytics to show just how technical risk affects the business

On the one hand,  e-GRC tools provide a solid, top-down approach to enterprise risk management – but lack the ability to incorporate detailed technical findings

On the other hand, IT-GRC tools provide technical depth – but lack the ability to reflect how detailed findings affect critical business services and processes,

 

WCK Streamlines Risk and Compliance

WCK both simplifies and enhances risk management by taking an innovative approach.

The heart of  the system are assets and their dependencies.  Most GRC applications are control-based or risk and control based. Of course, WCK fully supports risks and controls, but it is built on an asset-based approach.  An asset type can be anything:

  • Logical – a region, process, service, product…
  • IT-related – an application, system, server…
  • Physical – a satellite, router, oil pump, water meter, building…

The WCK Designer – allows users to visually draw the relationships between assets, or import them into the software.  The result  is far more than just a pretty picture!  The picture represents a logical structure.  The software analyzes  the dependencies between the multiple business, technical and physical assets in the picture and uses these dependencies as part of its risk aggregation and analysis.

WCK Dependency Maps  – display  how risks cascade across an organization between its assets and color codes the riskiest assets in shades of red.

 

What are the benefits of the WCK  Approach?

How can your organization benefit from the  asset–based approach to risk and compliance?  The approach allows you to implement your GRC  incrementally, step by step, without the need for large-scale modelling and customization.

  • Get quick wins within weeks – The asset approach delivers rapid implementation. An initial risk and compliance posture based on legacy findings is ready within few weeks, without requiring complex risk and control mapping.
  • More efficient risk assessment and management– based on built-in dependencies and risk analytics, smart aggregation and correlation of  findings from multiple risk sources around common assets.
  • Simple integration with complementary solutions – By correlating detailed findings around assets, it is not mandatory to map every technical finding to risks and controls. Importing legacy data and integrating with scanners, event management and more becomes a cinch.
  • Minimal customization – A risk and compliance dashboard is ready for each asset type defined. The software is ready-to-go with no programming required.