• STREAM Integrated Assurance Management
• Risk Management
• Compliance Management
• Events Management
• Metrics Management
• Assurance Objectives
• The STREAM Risk Engine
• STREAM Assistants
• The STREAM Integrated Assurance Platform

Products

Learn more about STREAM - the comprehensive risk and
compliance management solution

Solutions

Learn about the different ways STREAM is used

Industries

Find out which industries benefit from using STREAM

Resources

Want to download a datasheet? Go to our resources page

Contact Us

Use our enquiry form to contact us

Assurance Objectives

Whatever your assurance needs, STREAM’s powerful risk engine intelligently combines all relevant risk, compliance, events and supporting metrics data to provide succinct and meaningful information for senior stakeholders and business decision makers.

Supplier / Third Party Assurance

Use STREAM to raise assurance in critical third parties, or delivery partners.  Optionally carry out Compliance audits and Risk Assessments for third parties, and track Events (Incidents and Near Misses) affecting third party services or facilities.

Prepare tailored control sets for different categories of third party, and optionally produce questionnaires which can be emailed to third parties, completed offline, then returned and imported into STREAM.

Internal Assurance / Internal Audit

Improve the efficiency of your internal audits.  Allocate controls / groups of controls to specific individuals for assessment.  Use a control assessment scheme of your choice, and pre-define permitted answers and weightings.
Simplify the central tracking of control assessment status and improvement actions across the business, and for third parties.

Management System Development & Operation

Use STREAM to implement an assurance management system around your own choice of control standards, risk types and assessment schemes.

Build and operate an efficient, database driven Management System for information security, project/programme risk management, quality management..., or an Integrated Management System (IMS) combining multiple linked standards.

Compliance or Formal Certification

STREAM was designed to meet the requirements of management system standards such as ISO 27001.  STREAM supports the Plan Do Check Act management system model.

STREAM uses an Asset based approach to risk, compliance and events management, as defined in International and British standards.

STREAM provides the entire ISMS framework for ISO 27001, including asset identification and business modelling, risk and compliance assessment and residual risk measurement against appetite, risk treatment and improvement planning, trending and security Return on Investment calculation. 

Senior Management Reporting

STREAM provides valuable and meaningful information for senior managers, on the status of compliance across the business with key control standards, and on the level of residual risk measured in relation to defined business appetites.  It genuinely integrates compliance with risk management in a business context.  It achieves this through an innovative yet simple and logical approach that is easily understood and explained.

The STREAM user interface is based around clear and simple, hierarchical dashboards which reflect the structure of the business.

The meaningful dashboards are supplemented by a set of graphical barometers and gauges, which provide clear visibility of the essential compliance and residual risk summary data.

Project / Process Assurance

STREAM can be used to manage compliance, risk, events and supporting metrics data, to provide assurance across an organisation or any defined business scope.

STREAM can also be used to deliver a Project based approach to assurance management.

Define an unlimited number of projects, and group them in a hierarchy for reporting purposes.

Define relevant control standards for each project, or by project type.  Controls are then automatically presented for assessment by project representatives, with central reporting and tracking of improvements.

Optionally, carry out project based risk assessments, and record and track Events (Incidents and Near Misses) for your projects.

Use STREAM’s ‘at a glance’ dashboards and gauges to see which projects are operating within their defined risk appetite.

Register for email news

Latest

• Information Security Europe 2010

  Significant interest was expressed in the STREAM suite of products at Information Security 2010. It is clear that comprehensive risk and compliance management is becoming a key requirement for public and private organisations.

• STREAM Seminar - Ljubljana May 2010

  Richard Mayall presented a workshop in Ljubljana, Slovenia on 20 May 2010 on 'A better way to manage all your risks'. The workshop considered how STREAM can automate assurance management systems and support standards compliance.

• Risk appetite for information security

  Risk management best practice says that we need to manage risk in relation to risk appetite. But how do we do this for information security?

What are you looking for?