
Post on 01-Aug-2020


STREAM: Integrated Management Systems

© Acuity Risk Management LLP 2017

With STREAM you can automate individual or multiple integrated management systems, such as an ISO 27001 Information Security Management System and a wide range of other management systems for cyber security, business continuity, health, safety and environmental, quality or supply chain management. STREAM supports all aspects of the international management system Plan, Do, Check, Act (PDCA) Cycle.

Enterprise GRC Software

Plan (Establish the Management System)

Record assets and scope

Specify risk and control assessment approaches, measurement criteria and thresholds

Tailor the risk assessment scheme

Identify, analyse and evaluate risks

Identify and evaluate risk treatment options

Review residual risk and present for approval

Report on Top 10 risks by MS or across multiple MSs

Prepare a Statement of Applicability

Support for the PDCA Cycle

Check (Monitor & Review the MS)

Log incidents and near misses

Record the impact of incidents and link to risks and controls

Tailor the incident recording criteria

Report on incidents and near misses by MS or across multiple MSs

Monitor the performance of key control indicators and key risk indicators

Report on control effectiveness, history and trends

Review risk assessments

Monitor risk status against risk appetite and risk acceptance

Report on risk history and trends

Do (Implement & Operate the MS)

Formulate a risk treatment plan

Measure and monitor the effectiveness of controls

Tailor the control assessment scheme

Report on the effectiveness of controls by MS or across multiple MSs

Act (Maintain and Improve the MS)

Raise improvement actions, assign ownership, and target dates and link to supporting documents

Track improvement actions

See the effect of completed actions on risk registers and reports

Unrivalled configurability

Easy to use

Scalable

Actionable intelligence

Example Risk Register (single MS)

Example Group Summary (multiple MSs)

Contact Us

For further information on STREAM or Acuity Risk Management please contact us:

[email protected]

www.acuityrm.com

+44 (0) 20 7297 2086

@AcuityRM

Acuity Risk Management

Acuity Risk Management

London-based, Acuity Risk Management was formed in 2005 to provide integrated risk management and compliance software solutions and services. STREAM Integrated Risk Manager was launched in 2007 and adopted by major corporations and government agencies for a range of risk and compliance applications, including Cyber Risk, Enterprise Risk Management, Operational Risk, Business Continuity, Health, Safety and Environmental Management.

Acuity’s consultants have implemented risk management processes and software solutions for hundreds of organisations in every major business sector. STREAM itself is being used in over 100 countries. Watch a demo video or download the free single-user version of STREAM on our website.

Example control deployment status (multiple MSs)