SureCloud Launches IRAM2 and ISO27001 GRC Applications
October 2016 by Emmanuelle Lamandé
SureCloud announced the launch of its IRAM2 Risk Manager and ISO 27001 Accreditation Applications on the SureCloud Platform.
IRAM2, developed by the Information Security Forum (ISF), is a risk assessment methodology that helps businesses identify, analyse and treat information risk throughout. It embeds consistency and reliability during the assessment process: information risk is assessed by evaluating a variety of factors that comprise each risk equation. It is designed in a modular format to provide guidance in assessing each of these factors, and assist the practitioner in determining the ﬁnal residual risk rating.
SureCloud has worked with the ISF to develop an application that simplifies, automates and accelerates the IRAM2 risk assessment process, enabling businesses to utilise the methodology flexibly and more efficiently. The application reduces the number of sheets required to complete the assessment from 21 to 11, by removing repetition, and centrally storing data relating to the profile of the business.
Furthermore, the application aggregates data from multiple assessment results to present a continuous risk profile, pulling all key metrics into a single, live dashboard. This enables businesses to understand the risk that exists in its infrastructure and processes as well as threat events in real-time. In addition it delivers consistent results and a depth of analysis that enhances business decision making.
ISO 27001 is a specification for information security management systems (ISMS), providing a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving the ISMS. It uses a top down, risk-based approach and includes details for documentation, management responsibility, internal audits, continual improvement, and corrective and preventive actions.
The SureCloud application simplifies the accreditation process and monitors progress in addressing existing compliance gaps. It organises and manages the process, logging both policies and actions taken to close gaps, while integrating with the ISMS to manage and maintain standards once the accreditation has been achieved.
All SureCloud Services are underpinned by the SureCloud Platform.