All ideas

When we import the ADs into GRC libraries a simple report on the import status (primary key as import id) is needed. The report should have both details and summary stats. Summary status can be around - no of controls, no of requirements, no of q&...

Ask - Siemens Energy Cyber Risk Team uses MetricStream Qualitative Risk Assessment approach as of now. Use Case - While the Cyber Risk Team uses our tool to perform risk assessment, they want to migrate risk assessments of different teams/subsidia...

Ask - Segregation of risks, corresponding risk assessment plans, risk assessments, issues/actions between Cyber Risk and Business Risk. In customer words - separate the data visibility between RIC and CYS. Use Case - There are two teams in Siemens...

The solution should have a framework for automated measurement and assessment of Controls.

NIST SP 800-30 RMF is fast becoming a mandate for information security risk assessments for federal entities.

Sometimes JIRA is used for managing IT tickets. It adds value to have an API integration into JIRA.

Product should have configuration option to restrict data as per need. Ideally we should have configuration which should allow to define rule(s) so we can restrict data consumption as per need. Currently CMDB connector pulls anything/everything fr...

Product should have configuration option to address remap the different set of data to asset Library. Currently CMDB Service data get ingested as Process in Metricstream. CMDB service table stores all high level service information which is high l...

Can we please have product also as an option along with the existing ones.

When multiple rows are added in the scope selection section of the Risk Assessment form and a questionnaire is selected, system sends the questionnaire to the entire list of scoped items as just one assessment. Expected - In the 'Perform IT Risk A...