Introducing Risk 360, Our Platform For Identifying and Managing Security Risk

Risk 360 is our new digital platform which we use to support our clients as they improve their cyber security posture and reduce their organisational risk profile.

We developed this platform specifically for the needs of our clients, who are typically family offices and privately held businesses who are looking to enhance their overall security posture and practices.

The value proposition of Risk 360 is as follows:

Risk Assessment

Risk 360 allows us to assess an organisations security practices across people, process and technology dimensions. Our goal was to digitise this process in an engaging and accessible online tool which enables self assessment or an assessment process guided by QRI.

We are developing a large library of both industry standard assessments such as SOC2, and more proprietary assessments developed by QRI. These assessments can be combined to deliver an extremely detailed, rigorous and holistic assessment of your current security practices.

Risk Identification

Risk 360 helps to automatically analyse these assessments to identify and surface risk. Rather than needing an expert to manually analyse assessments, we aimed to automatically identify risks which may otherwise be missed and then surface these through an online dashboard and risk log.

Risk Remediation

The platform then takes the automation a step further and suggest steps to mitigate risks. Again, rather than requiring human analysis, we aimed to codify best practice suggestions into an objective engine which could generate a foundational remediation plan.

Collaboration

It was important for us to place collaboration at the heart of this process, such that IT security professionals, executive management, QRI and third parties could all contribute to a holistic view of the emerging risk profile.

Metrics

This whole process should of course be underpinned by metrics and a quantitative approach. To enable this, we developed a metrics, benchmarking and risk scoring model based on a proprietary framework to track how the organisation is performing over time.

Executive Visibility

Risk 360 aims to break information out of siloed informations security tools, and expose risks to executives in an easy to consume format.

Third Party Risks

If your partners and vendors are not secure, then neither are you. We therefore extended Risk 360 such that partners could contribute their own risk assessments which are passed through the same assessment and risk management processes as your own organisation.

Continuous Assessment

Finally, we wanted to move this whole process of metric driven assessment and remediation into a continuous process which is continually revisisted. The threat landscape and your organisations processes are not standing still, so an annual security audit is not fit for purpose. Instead, continually optimising your security practices has to be ingrained deeply into your organisations operating mode.

All told, we believe we have met our ambitious aims for this platform. Risk 360 is a new type of collaborative digital platform which spans the full lifecycle from initial risk assessment through to a fully remediated end goal.

To learn more or setup an informal demo, please reach out to us today.