Project Description

What is the Information Technology Risk Assessment?

The Information Technology Risk Assessment Tool is the world’s first software-as-a-service (SaaS) cloud-based information technology risk assessment tool that helps organisations to identifymitigate and manage information technology risks across the following dimensions and over 650 different risk factors:

Internal Risks

  • Risk Management – IT Risk Management Framework, IT Risk Strategy, Governance and Oversight, Organisational Management of IT, IT Policies and Procedures, IT Risk Reporting, Change Management, Developing an Information Asset Profile, Data Quality Framework, Business Continuity Planning, Disaster Recovery, IT Program and Project Management, IT Training, Employee Risks and Third Party Relationship Risks
  • Systems Development Lifecycle – Project Initiation and Scoping, Proof of Concept, Design, Development, Testing and Integration, Implementation and Deployment, Post Implementation Reviews, Business and IT Operational Management, Maintenance and Disposal
  • Threat Assessment – Threat Type (Organisational, Business Process, Data and Systems), Technical Threats (Hardware and Software, Accidental or Deliberate Damage, Destruction or Misuse of Data, Interception and Impersonation), Physical Threats (Loss from theft, vandalism or sabotage or accidental damage), Environmental Threats and Support Infrastructure Threats (Power Supply, Telecommunications, Support Environment).

External Risks

  • Risk Management – includes the same risk categories as above for internal risks but this dimension is used for assessing the risks of dealing with external vendors and other third party suppliers, using the same criterion
  • Threat Assessment – includes the same risk categories as above for internal risks but is used for considering when threats arise from outside your organisation.

The Information Technology Risk Assessment draws on the learning’s from a range of leading edge IT risk assessment methodologies such as, COBITFAIR, MEHARIOCTAVE and several others and creates a new and comprehensive methodology, accessible securely in the cloud at any time, from anywhere and from any device.

Risk assessments can be completed across all dimensions or can be limited to a single dimension only. After the risk assessment has been completed a PDF report is generated with an inherent and residual risk matrix, plotting the risk concentration across all risk factors.  The PDF report also contains a model assessment view outlining the actual score vs. maximum score and detailed user responses, which is stored as documentary evidence for independent audit purposes.

The Information Technology Risk Assessment Tool tailors questions specific to over 30 different industry sectors.  It is fully customisable  questions, dimensions, scores and weightings can be added, modified or removed on an individual or grouped basis.  

The product also contains a pre-configured country risk assessment, which has an overall country risk score assigned against 260 countries and territories, derived from over 25 reliable and independent sources and is a summarised version of another of our product offerings –

To access the tool you will need to subscribe to this service which starts from just USD$999 for an annual license.  You can purchase additional user licenses and consulting services to support you in using the tool.

If you would like a free limited functionality, limited time trial version of the product please send us an email.

Who is the target audience?

The Information Technology Risk Assessment Tool is targeted at any audience that is interested in IT risks and includes (but is not limited to):

  • Chief Information Officers
  • Chief Risk Officers
  • Data Integrity Officers
  • Information Risk Staff
  • Information Security Experts
  • Information Technology Staff
  • Hardware and Software Suppliers
  • IT Outsourced Service Providers

Click play on the video to find out more…

Click here if the video clip does not open directly in your browser.

To view our product overview, please click on the PDF image below or to view a sample of the IT Risk Assessment Report output click on the report icon.