Fast, flexible, scalable and easy to use GRC software for
Cyber Risk Management
Acuity Risk Management
- Maintain compliance with legislation and regulations, such as GDPR, ISO 27001, PCI-DSS and the NIST Cyber Security Framework.
- Do the cyber security basics well.
- Protect against real threats avoiding over or under spending.
- Help the business to make risk-informed choices on digital business.
STREAM is a solution for CISOs and their teams which takes a risk-based approach to managing cyber threats. It brings together all of the data required to understand cyber risk status in the context of threats to business outcomes. Its powerful aggregation and correlation features allow you to make informed decisions on the need for action, reducing the risk of damaging breaches and mitigating losses.
STREAM is an expertly engineered software platform available on-premises or as ‘software as a service’. Our innovative business model allows you to quickly configure your own cyber security risk management solution and prove the benefits before expanding across your enterprise, making it perfect for organizations wishing to move on from spreadsheets. You can download our STREAM Free edition, watch the online training and start seeing real improvements in your cyber security risk management.
The STREAM Portfolio consists of the STREAM software platform, pre-configured Application content and Productivity utilities. Multiple single-user ‘Personal’ and multi-user ‘Server’ editions of the software platform are available. A virtually unlimited catalogue of Application content is available for use with STREAM, including ISO 27001/2 and other ISO frameworks, GDPR, PCI-DSS and NIST. Productivity utilities allow you to quickly and easily upload your own content to STREAM. Acuity provides optional additional configuration services to create customer-specific content and mappings, interfaces with external data sources and customized workflow and reporting.
STREAM can be configured for multiple cyber security risk management applications and solutions, including: risk-based compliance with cyber regulations, policy and frameworks, such as GDPR, ISO 27001, PCI and NIST; effective and efficient ‘business as usual’ cyber security processes, facilitating the exploitation of opportunities from digitalization with risk-informed decision making, and; reporting to business leaders, in their language, on cyber security status, risk-based priorities and actions. STREAM also integrates cyber risk management seamlessly with Enterprise Risk Management, including business continuity, health and safety, environmental, vendor and monitoring of material business risks.
It is impossible to eliminate cyber security risk, so the question becomes one of risk acceptance. In order to accept risk, we need to understand risk and its context in relation to business outcomes. The more good information that we have on cyber risk status, the greater the chances of making correct decisions on risk acceptance. STREAM provides technology to capture, link and present cyber security information to increase the chance of good cyber security decisions. This in turn delivers the following benefits: higher likelihood of making the right choices around new business opportunities, particularly in relation to digitalization; increased agility to react to change; lower risk of fines and reputational damage from non-compliance with regulations, such as GDPR and PCI-DSS, and; lower risk of damaging cyber breaches.
Implementation of cyber security technologies and risk management solutions can in themselves be high risk projects with multiple stakeholders to satisfy. A STREAM solution from Acuity minimises this risk by allowing you to quickly and easily configure the software to your specific requirements, try it out on a low cost, entry-level system and prove the benefits before rolling it out across your organization.
Comprehensive and free online user and administration training is available to all licensed users allowing you to train yourself and refresh when needed.
Our training courses can be tailored to match customers' specific STREAM configurations and can be delivered on-site, by web meeting or as computer-based training.
For further information or a quote
Organisations using Acuity products
The Central Bank of Lesotho has been using STREAM to support its Enterprise Risk Management since 2012. The Bank started initially with Acuity’s free single-user Edition of STREAM extending in early 2014 to a 5 concurrent multi-user Edition and then again to a 10 concurrent user system in 2015. Acuity recently provided on-site training in to the ERM Team and senior management briefings. In general we found that the training was well organized and easily followed by all attendees. Relevant training material was sent ahead of schedule to allow adequate reading time prior to training taking place meaning consultancy time on-site was well utilized. The consultant from Acuity Risk Management overall was excellent and delivered the desired objectives that were set out around the needs from the Central Bank of Lesotho.
Teboho Mpheteng (Mr)
Enterprise Risk Management (ERM)
From the onset of the implemention of our ISMS, we needed a system for effectively managing our information assets, risks, controls and events, while being intuitive for staff to maintain; and evidencing compliance with ISO 27001 to a wide range of stakeholders. We are now upgrading our ISMS to ISO27001:2013 and we are sticking with our STREAM implementation. STREAM covers all our requirements, and provides scope for further expansion across the organisation.
Acuity have been an exemplary supplier, with passionate and extremely knowledgeable individuals, dedicated to providing prompt customer support.
NHS Wales Informatics Service
Synectics Solutions now rely heavily on STREAM for ongoing management of key aspects of their ISO 27001:2013 ISMS.
STREAM was pre-configured with the latest version of the standard and played a major role in our recent certification. The version we deployed, which includes web-based access, allows security champions across all business functions to be directly involved in the assessment of security risks and controls for their respective areas.