Risk Watch

Risk & Compliance Management Software & Services

Demo

RiskWatch Implementation

Where to Start?

RiskWatch products are Software as a Service, cloud-based solutions that are purchased right here on our website following the four simple steps below.
Sign up for instant access to a free trial
*Professional email address to activate trial

Step 1

Start for Free

Our software is free to use – no payment information is required. Once you’ve met your limit of free assessments, extend your use by purchasing licenses based on the number of Users or the number of Areas you will be assessing.

Step 2

Purchase Licenses

How Many Users? Our Pricing is based on how many user accounts you will have or how many areas you will be assessing. Each User or Area to be assessed requires 1 license. An Area is anything that is the target of an assessment, such as a facility, supplier, client, etc. We provide quantity discounts on licenses.

Step 3

Select Content

Select your content libraries. This will be relevant to the type of assessment you’re performing, such as using our HIPAA library in a hospital security assessment or our ASIS library in a vendor physical security assessment. You can also upload any of your own content.

Step 4

Configure and Assess

Create specific users and assets. Once user accounts and assets are created, you can create/begin assessments. Do a preliminary assessment to see where risk lies and then create a custom report to see the data gathered from the assessment.

Self-Assessment Workflow

  • Stage 1 - Relevant asset or scope data (Organizational information, Criticality, Consequence, Threat Level, & Evaluation Criterial) is identified and entered into the RiskWatch application.
  • Stage 2 – Personnel that have the required knowledge of the organization’s processes, policies, and/or controls are identified and designated as Contacts in the application.
  • Stage 3 – Surveys access is distributed by the application via email to the Contacts identified in Stage 2 to evaluate the processes, policies, and or controls in place.
  • Stage 4 – Assessment is ready for analysis. Risk Scores are calculated based on Criticality, Consequence and Threat level from Stage 1 and a Gap Score based on the Survey results from Stage 3.
  • Stage 5 - Gaps are identified based on the survey results. Gap mitigation recommendations are given by the application Administrator.
  • Stage 6 – Remediation Tasks based on the Administrator’s recommendations (and/or recommendations provided by the Contacts) are assigned by the Administrator and managed by the application.
  • Stage 7 – Final Report is Generated by the application for review by Upper Management or Auditors.

If You Need Assistance with Implementation

After purchasing a RiskWatch platform, you may decide you would like some assistance implementing the solution into your current risk management or compliance program. Your success is our number one priority. We offer these services at an additional cost, and you are able to buy support in 4-hour groupings. RiskWatch offers support packages for every client’s unique needs. We can help you adapt and customize your RiskWatch product to make it seamlessly integrate with your current process by offering: User Training Technical Support Custom Content New Feature

User Training

User Support

Custom Content

New Feature Requests

Advice and Suggestions

Your Content

After purchasing a RiskWatch platform, you may decide you would like some assistance implementing the solution into your current risk management or compliance program. Your success is our number one priority. We offer these services at an additional cost, and you are able to buy support in 4-hour groupings. RiskWatch offers support packages for every client’s unique needs. We can help you adapt and customize your RiskWatch product to make it seamlessly integrate with your current process by offering: User Training Technical Support Custom Content New Feature
Each of these unique assessment types leverages survey questions from the RiskWatch content library. When you initiate your subscription, you will be asked to select the question sets that you will need to complete your assessments.

Survey Content Libraries

  • Adaptable to all industries
  • Meet regulatory penetration testing requirements (PCI, FFIEC, HIPAA).
  • Validate the effectiveness of your perimeter controls.
  • DEA
  • FEMA
  • CIP-014
  • ASIS
  • C-TPAT
Over 30 Others!

Performing Mobile Assessments

Upload Your Own Survey Content

Using the upload template, you can add questions to the survey module that currently do not exist in the software. These can be from government regulations, industry standards, best practices, or your own policies. These can be easily added using your product’s bulk upload process where you simply fill in the details of your assessment questions into a spreadsheet template that is generated by the software. Then upload the file back into your RiskWatch platform.
Each question can be weighted so some can have a greater impact on your risk/compliance score than others. For example, your question asking if a facility has a perimeter fence may be weighted higher than your question asking if there is barbed wire at the top of the fence.
Questions are also mapped to vulnerabilities allowing you to determine where you where you are most vulnerable.
Using the Survey Roles and Facility Type filtering within the questions, you will be able to ensure that personnel only receive survey questions that are relevant to them and they are qualified to answer.
You can also customize the response types for each question. Standard responses include, yes/no, 1-10, control maturity level, text, file upload, and diary/journal response. Add your own custom forms and multiple choice response types.
Use the Control Standard field to give the survey respondent more clarity as to why the question is being asked, or give additional information about the regulation/standard/policy that the question refers to.
Reduce exposure to liability. Manage risk. Monitor and maintain security. Track continuous improvement. Sign up for instant access to a free trial.
Professional email address to activate trial

Hosting

RiskWatch products are a hosted solution on the web. The main objective of these tools are to save time and energy utilizing the power of internet to consolidate data from all the departments or resources working from different locations of the globe.

RiskWatch products are typically hosted on RiskWatch’s secure servers. They may also be hosted on your organization’s intranet infrastructure, for additional cost. For information regarding self-hosting RiskWatch products, contact RiskWatch support. If hosted in an intranet, they need access to an exchange server or an email server to send email notifications to their users.

 

Security

Data between the customer’s browser and our server is encrypted using AES 256bit encryption. All information contained in the database has AES-256 encryption and PBE with MD5 & Triple DES, to which RiskWatch International controls the encryption key.This database is also backed up daily and sent to an offsite location in Amazon S3 where it is re-encrypted and stored for Disaster Recovery and Business Continuity.
Access to the software is password protected. You can configure password complexity requirements, expiration, max number of failed login attempts, and session length.