Feature - Asset Parent / Child definition

When you create an asset you do so for the purpose of documenting:

  • a risk (asset risk or third party risk)
  • data flow analysis

related, but not mandatory:

  • account review
  • compliance analysis
  • incidents

assets obviously relate to other assets, a laptop has software and software handles data. there you go, three assets. in the scope of the features mentioned above, the relationship of this assets can be used to implicitly say if the parent asset is affected then the child assets are or might be affected too.

this was highlighted before by a german guy (@shuzhe.yang) but unfortunately i can not find the post. maybe he can! this topic was raised to me by @mario.walter too but more in the form of a bug.

if we would allow users to define parent/child relationships in between assets (which is complicated to keep updated in my opinion and unless we find a very good user interface hard to visualise) how would be use that in eramba for the benefit of the features in scope:

mandatory:

  • a risk (asset risk or third party risk)

i create a risk and select an asset that has a parent or a child, eramba warns and allows you to “click” on the modal were another modal opens and you can see those relationships and decide if you add the other items to the risk or not?

  • data flow analysis

i have a “Data asset” which i want to analyse in terms of data flows - same as before eramba will inform me that there are related relationships?

We are open to do this but i want to visualise the long picture not just relating assets so we can see that relationship. in eramba we are cautios of making the software complicated to use (which is already) without a very clear application.

1 Like