RiskVision runs an enterprise web application on an Apache Tomcat server. Users with different roles can set up and use RiskVision to perform IT-GRC tasks, such as:
- Creating users, teams, and roles;
- Defining and storing information about assets and entities;
- Setting up assessment programs and defining the process to evaluate compliance and risk;
- Evaluating vulnerabilities and controls; and
- Reporting on all aspects of an organization’s risk and compliance status.
Users monitor and control RiskVision operations based on the roles and associated permissions assigned to them by their RiskVision administrator.
RiskVision stores all data, such as risk information and questionnaire responses, in a relational database.
Additional connectors installed and configured in your environment can extend the system’s capability. For example, customers can use connectors to automatically evaluate and return control results, evaluate and send vulnerability information to RiskVision. Connectors can also be used to integrate with other third-party applications and systems that provide services such as security event detection, and vulnerability scanning and tracking.
To start using RiskVision, you must connect the RiskVision Server computer to a network that has TCP/IP connectivity. Depending on your requirements, installing RiskVision on the same network as the systems and computers you want to evaluate may provide additional monitoring, management, or reporting capabilities.