Entities

For customers using the RiskVision solution to build and deploy a risk and compliance management solution, there are two main components to be concerned with:

  • The first component is determining the controls and subcontrols that you want to enforce or monitor across your organization, for example to measure security risk across the various computers and other IT assets/entities across your organization.
  • Using the RiskVision solution , you can choose from standards-based risks and controls already provided in the Resolver content library. You can then add and combine controls to create a customized “Organization Content” collection of controls that are used in creating programs, performing entity assessments and risk evaluation across your organization.
  • The second component very closely tied to controls is the collection of your organization’s combined entities or resources. Accessing groups of entities from the RiskVision solution, you can apply or evaluate controls for selected entities included in an assessment, measure or monitor their compliance, and calculate associated risk. Resolver provides the capability to capture information and inventory nearly any item of value within your organization (referred to as entities), from IT resources such as computers, systems, and applications to non-IT resources such as property, business equipment, business operations, people, vendors, and processes. In addition, using methods such as ERM, you can model the processes, sub processes, and business objectives that you want to evaluate for risk.