HCL Technologies helps enterprises reimagine their businesses for the digital age. Our technology products, services and engineering are built on four decades of innovation, with a world-renowned management philosophy, a strong culture of invention and risk-taking, and a relentless focus on customer relationships. HCL offers an integrated portfolio of products, solutions, services, and IP through our Mode 1-2-3 strategy built around Digital, IoT, Cloud, Automation, Cybersecurity & GRC, Analytics, Infrastructure Management and Engineering Services, amongst others, to help enterprises reimagine their businesses for the digital age.
HCL’s Governance Risk & Compliance services are designed to help your organization better identify, understand and manage the dynamic interrelationships between risk and compliance and incorporate those disciplines into daily business activities. Powered by its rich experience, HCL has developed an industry specific GRC solutions portfolio, which offer a combination of advisory services, methodologies, and tools, to address both the regulatory and strategic needs of an enterprise. HCL’s solution portfolio includes business domain and technology expertise, a unique combination which drives a successful GRC program within an enterprise. HCL GRC services are designed as a global, unified risk and compliance framework that can be vertically tailored to an organization's specific needs, allowing you to assert more control over complex and ever-changing risk and compliance dynamics.
With ever-growing digitalization of services and products, information risk and cyber security events are on the rise. Organizations need to move away from being in an ever-responsive state of reacting to incidents and creating corrective controls to building a predictive and preventing mechanism. The IRAM2 framework by the Information Security Forum (ISF) helps develop this robust mechanism to assess and treat information risk throughout the organization as a business essential.
The HCL IRAM2-Aligned Risk Assessment app-pack developed provides a systematic and automated way to perform risk assessment based on the Information Risk Assessment Methodology v2 (IRAM2) as developed by the ISF.
- Develop an environment profile and define the scope of assessment
- Identify information assets in the environment and assess the business impact
- Identify and prioritize the relevant threats to the environment being assessed
- Identify the degree to which the information assets in the environment being assessed are vulnerable to each in-scope threat event
- Evaluate the likelihood of success, residual likelihood, the residual business impact rating, and the derivation of the residual risk rating for each risk
- Determine a risk treatment approach for each identified risk
- Review analytics on how risks affect the information assets and organization
- Comprehensive risk coverage with readily available threat and scenario library, reducing the chance that significant risk is overlooked
- Develop a risk profile that reflects a view of information risk in business terms
- Manage the complete risk assessment cycle in a single offering
- Gain insight on the highest rated threats and scenarios and reduce risk across the organization
This offering requires the following use cases including:
Supported Platform Version
HCL IRAM2-Aligned Risk Assessment app-pack was developed for and validated on RSA Archer Platform release 6.3 P2.
RSA Archer On-Demand Application (ODA) Licenses
Three (3) RSA Archer On-Demand Application (ODA) licenses and two (2) questionnaires are required for the HCL IRAM2-Aligned Risk Assessment app-pack.
Additional licensing fees will also apply. To learn more, please contact HCL Technologies at CFS-GRC-PMG@hcl.com.
For More Information
To learn more about HCL IRAM2-Aligned Risk Assessment :
- Read the HCL IRAM2-Aligned Risk Assessment app-pack implementation guide; and
- Learn how to obtain the HCL IRAM2-Aligned Risk Assessment app-pack installation package.