Where to Start?

RiskWatch products are Software as a Service, cloud-based solutions that are purchased right here on our website following the four simple steps below.

SecureWatch work flow

Stage 1 – Relevant facility data (Organizational information, Criticality, Consequence, Threat Level, & Evaluation Criterial) is identified and entered into SecureWatch.

Stage 2 – Facility personnel that have knowledge of the Facility’s security posture are identified and designated as Site Contacts in SecureWatch.

Stage 3 – Surveys are distributed by SecureWatch via email to the Site Contacts identified in Stage 2 to evaluate the Facility’s security controls.

Stage 4 – Assessment is ready for analysis. Facility Risk Scores are calculated based on Facility Criticality, Consequence and Threat level from Stage 1 and a Gap Score based on the Survey results from Stage 3.

Stage 5 – Security Gaps are identified based on the survey results in Stage 3.

Stage 6 – Gap mitigation recommendations are given by the Administrator.

Stage 7 – Remediation Tasks based on the Administrator’s recommendations (and/or recommendations provided by the Site Contacts) are assigned by the Administrator and managed by SecureWatch.

Stage 8 – Final Report is Generated by SecureWatch for review by Upper Management or Auditors.

If You Need Assistance with Implementation

After purchasing a RiskWatch product, you may decide you would like some assistance implementing the solution into your current risk management or compliance program. Your success is our number one priority. RiskWatch offers support packages for every client’s unique needs. We can help you adapt and customize your RiskWatch product to make it seamlessly integrate with your current process by offering:

• User Training

• Technical Support

• Custom Content

• New Feature Requests

• Advise and Suggestions

Your Content

One of the most important components of  SecureWatch is the survey content. You will need to select question sets from our content library based on what you are assessing. Is it regulatory or industry compliance, enterprise risk, or supplier risk? Do you want to assess your organization’s security profile to standardized best practices. Maybe you want to assess each department or business unit’s compliance to your organization’s policies.

Each of these unique assessment types leverages survey questions from the RiskWatch content library. When you initiate your subscription, you will be asked to select the question sets that you will need to complete your assessments.

Examples of  Available Survey Content

GLBA Compliance    FFIEC    NCUA    CFPB    Supplement to Authentication in an Internet Banking Environment    SOX    HIPAA    NIST 800-66   HITECH   OCR Risk Analysis Final Rule    Omnibus   IAHSS 2009    FEMA 426   OSHA 3148    Joint Commission    California Health & Safety Code 1257.7   Center for Missing and Exploited Children    Pharmaceutical Security    Workplace Violence Prevention    Cash Handling & Processes    COBIT 5    ISO 27001     NIST 800-53     ISO 27001    PCI DSS     NFPA 1600     C-TPAT    Business Continuity    Vendor Risk    Project Risk    Wind Farm Security    AEO    Anti-Money Laundering    NIST Cybersecurity Framework

The library is constantly growing and being updated. If there is a standard or regulation that you need and do not see in the list above, you can upload the question set yourself using our upload template. Or, you can take advantage of our customization services to create a version of the software that matches your unique needs.

Upload Your Own Survey Content

Using the upload template, you can add questions to the survey module that currently do not exist in the software. This can be from government regulations, industry standards, best practices, or your own policies. These can be easily added using SecureWatch’s bulk upload process where you just fill in the details of your survey questions into a spreadsheet template that is generated by the software. Then upload the file back into SecureWatch.

Each question can be weighted so some can have a greater impact on your risk/compliance score than others. For example, your question asking if a facility has a perimeter fence may be weighted higher than your question asking if there is barbed wire at the top of the fence.

Questions are also mapped to vulnerabilities allowing you to determine where you where you are most vulnerable.

Using the Survey Roles and Facility Type filtering within the questions, you will be able to ensure that personnel only receive survey questions that are relevant to them and they are qualified to answer.

You can also customize the response types for each question. Standard responses include, yes/no, 1-10, control maturity level, text, file upload, and diary/journal response. Add your own custom forms and multiple choice response types.

Use the Control Standard field to give the survey respondent more clarity as to why the question is being asked, or give additional information about the regulation/standard/policy that the question refers to.