• STREAM Integrated Assurance Management
• Risk Management
• Compliance Management
• Events Management
• Metrics Management
• Assurance Objectives
• The STREAM Risk Engine
• STREAM Assistants
• The STREAM Integrated Assurance Platform

Products

Learn more about STREAM - the comprehensive risk and
compliance management solution

Solutions

Learn about the different ways STREAM is used

Industries

Find out which industries benefit from using STREAM

Resources

Want to download a datasheet? Go to our resources page

Contact Us

Use our enquiry form to contact us

Risk Management

Use STREAM as a risk management system to assess, manage and monitor information security risks.  Compare real-time risk status against risk appetite in each part of the business and overall.  Understand the highest risks and identify the control improvements that will provide the greatest value in mitigating risk.  Raise and track improvement actions through to completion.  Record and track incidents and near-misses and use the lessons learnt to refine your risk assessments.

Risk Modelling

• Identify Business assets, to provide a baseline for risk assessment
• Common/shared assets can be identified, reflecting real world dependencies
• Information processing – identify the information types which are processed, stored and communicated, and use the requirements of these information types to help you assess risk levels

Risk Identification

• STREAM Risk Registers allows managers to identify, assess, treat, track and report on ad-hoc business risks.
• Acuity’s flagship STREAM Integrated Risk Manager product automatically identifies the key risks from its fully configurable and extendable Threat Knowledge base, and presents them in simple, hierarchical risk registers.

Risk Assessment

• Configure your own preferred quantitative, qualitative or hybrid impact assessment scheme.  Optionally, enable STREAM’s Business Impact Assistant for semi-automated impact assessments
• Configure your preferred Likelihood/Probability scale.  Optionally, enable STREAM’s Threat Likelihood Assistant for rapid likelihood assessments based on centrally managed threat profiles

Risk Treatment

• Out of the box, STREAM automatically identifies the key control metrics / Key Risk Indicators (KRIs) for each identified risk, and weights them according to their relative importance

Key Risk Indicators

• Use the default KRIs, or extend the setup by defining your own metrics/KRIs.  These enable residual risk levels to be accurately measured.

Risk Measurement and Aggregation

• In real-time, STREAM constantly measures each of your key risks across the business, taking into account the key inputs: impact, likelihood and vulnerability due to control weaknesses
• STREAM aggregates all of this data up through the business model, as it changes in real time

Risk Acceptance / comparison with defined Risk Appetites

• Business managers can set risk appetites for different parts of the business and STREAM provides easy visibility of current risk status in relation to appetite.  As threat levels, the business criticality of information assets or control deployment status changes STREAM’s risk engine automatically recalculates risk status in real time.

Risk Reporting

• View reports such as Top Ten Risks, Residual Risk Summary and Risk History
• Define and export custom reports

Return on Investment (ROI)

• Understand the contribution to risk mitigation made by each control and see which controls provide the best value for money
• Model potential control improvements, including major infrastructure investments, to provide hitherto unavailable insights into the relative merits of each option, including aggregate potential risk savings from multiple threats to multiple information assets.
  
  
   

Register for email news

Latest

• Information Security Europe 2010

  Significant interest was expressed in the STREAM suite of products at Information Security 2010. It is clear that comprehensive risk and compliance management is becoming a key requirement for public and private organisations.

• STREAM Seminar - Ljubljana May 2010

  Richard Mayall presented a workshop in Ljubljana, Slovenia on 20 May 2010 on 'A better way to manage all your risks'. The workshop considered how STREAM can automate assurance management systems and support standards compliance.

• Risk appetite for information security

  Risk management best practice says that we need to manage risk in relation to risk appetite. But how do we do this for information security?

What are you looking for?