Information Security Governance
GRACI helps you document and maintain your current or planned security policies, guidelines and controls, as well as the security standards and best practices adopted by your organization. Information security officers (eg, ROSI, RSI, CISO, CISO, etc.) can quickly have a state of health security within their organization.
Governance module allows you to:
Create and save authoritative documents (policies, guidelines, etc.)
Update authoritative documents
Alert the owner as the review date of an authoritative document approaches
Visualize the state of health of authoritative documents
Risk Management
GRACI helps you document and maintain security risks in your organization. These risks can be identified during security analysis and assessments. Key stakeholders in the risk management process can connect to the platform to record or modify risks. The platform also has features to define the risk criteria.
Audit and Compliance Management
GRACI allows you to record all authoritative documents to which your organization is subject and then to observe compliance discrepancies. You have the opportunity to know what your level of compliance is compared to an authoritative document. Authoritative consent may be a standard (eg ISO / IEC 27002), a policy, a directive, a registry of security requirements.
Incident Management
GRACI helps you document and maintain security incidents that occur in your organization. At any time, the Incident Management Officer may have an inventory of security incidents and the status of such incidents.