Framework
Framework
The Risk In Deep Framework
Risk In Deep was conceived to bring together a series of services (Common Service Engine, typical of a Security Governance model based on the PDCA cycle - Plan Do Check Act) to the compliance activities required by the various standards or regulations of the security sector: Risk Assessment, Risk Management and Audit.
Through these three services it will be possible to adopt an integrated approach to compliance with the various standards and regulations governing the field of information security: Information Security, Cyber Security, Data Protection.
Technical features
Developed in PHP 7.3 / mySQL.
Accessed in SAAS mode.
Tool licence for an annual fee.
Data extraction in open mode.
Possibility of creating restricted areas for each organisation, guaranteeing data segregation.
The identification and authentication mechanism are based on user IDs and passwords that meet the minimum requirements for the robustness of access credentials.
All accesses and operations carried out by users are tracked.
The system provides for different authorisation profiles distinguishing between those who have the possibility of modifying the libraries, creating new types of Entity or attributes and the data owners who will be able to valorise all the attributes of competence according to the organisational unit they belong to.
The support and assistance service will provide for the systematic updating of the libraries and of the reports according to the normative changes.
For each module, templates are available for bulk data loading.