Cyber GRC Ideas Portal
ADD A NEW IDEA

IT and Cyber Risk

Showing 22

Enable 'Applicability' as default blank checkbox without Assessment ratings in Inherent Rating/Residual Rating factors from Risk Assessment Task

Hi Team, Our customer 'Kroger' has requested that the "Applicability" checkbox be left empty by default and that the assessments' ratings be left blank. The user should be able to easily select the factors that are required to have ratings rather ...
Guest 9 months ago in IT and Cyber Risk 0 Pending Product Manager's Review

Heat maps do not reflect all risks and will only display the risks shown on the page of the screen.

Heat maps do not reflect all risks and will only display the risks shown on the page of the screen.
Guest 9 months ago in IT and Cyber Risk 0 Pending Product Manager's Review

Risk Assessments can only be completed by one individual due to the roll-up capability of risk assessments. This has limited the capability to let users use the systems efficiently.

Risk Assessments can only be completed by one individual due to the roll-up capability of risk assessments. This has limited the capability to let users use the systems efficiently.
Guest 9 months ago in IT and Cyber Risk 0 Pending Product Manager's Review

Complying with NIST 800-30 Cybersecurity Framework using IT and cyber risk module.

NIST SP 800-30 NIST Cybersecurity Framework is popular among companies in the US. NIST has become the gold standard for assessing cybersecurity maturity, identifying security gaps, and meeting cybersecurity regulations. Using our IT- risk module w...
Guest about 3 years ago in IT and Cyber Risk 2 Pending Product Manager's Review

Request a function where if you want to edit the relationship list (add or remove) the pop-up window for the option shows what has already been selected previously.

I would like to request a function where if you want to edit the relationship list (add or remove) the pop-up window for the option shows what has already been selected previously. Currently if you want to edit it, the list does not show which one...
Guest over 1 year ago in IT and Cyber Risk 0 Pending Product Manager's Review

Interaction between IT Risk and IT Compliance Module

In product's roadmap will there be interactions between IT Risk and IT Compliance Modules. For eg: Failure of a control and the creation of an issue in the IT compliance module does not change the Risk score in the IT Risk module. As this is suppo...
Guest about 2 years ago in IT and Cyber Risk 0 Pending Product Manager's Review

Make Vector for Threat optional

Very often customers have threat data they want to upload/use, but do not have a threat vector defined for them. Can we make this field optional, or perhaps add values of Other or TBD.
Guest about 2 years ago in IT and Cyber Risk 0 Pending Product Manager's Review

IT Risk Assessment form: Ability to show Question name as response filed header for free text columns

If there are more number of questions in assessment secion, when assessor click on response then customer need to know for which question, they need to provide response.
Guest about 3 years ago in IT and Cyber Risk 0 Pending Product Manager's Review

[Siemens Energy] Ongoing Migration of Risk Assessments

Ask - Siemens Energy Cyber Risk Team uses MetricStream Qualitative Risk Assessment approach as of now. Use Case - While the Cyber Risk Team uses our tool to perform risk assessment, they want to migrate risk assessments of different teams/subsidia...
Guest about 3 years ago in IT and Cyber Risk 0 Pending Product Manager's Review

[Siemens Energy] Segregation of risks, corresponding risk assessment plans, risk assessments, issues/actions between Cyber Risk and Business Risk

Ask - Segregation of risks, corresponding risk assessment plans, risk assessments, issues/actions between Cyber Risk and Business Risk. In customer words - separate the data visibility between RIC and CYS. Use Case - There are two teams in Siemens...
Guest about 3 years ago in IT and Cyber Risk 0 Pending Product Manager's Review