We have been suggested the idea of build risk questionnaires that when sent to risk stakeholders will collect risk attributes (classification, descriptions, threats, potential controls, etc).
That would then be reviewed by the risk analyst and could become a risk.
Anyone seeing any potential here?
Regards
I’m a proponent of FAIR risk assessment. It’s probably a bridge to far for Eramba to have a monte-carlo simulator but FAIR BASIC should be doable.
Sorry for the crappy reference below. The good one was taken offline and is only available in the FAIR book.
I know this is an older subject, anyone able to find a way to make FAIR risk assesment work with Eramba ?
impossible to happen this year, very unlikely to happen next year … and i’m referring to FAIR methodology, the idea of using OA’s to collect risk , compliance, etc is still on our heads. We want to improve collection of information in eramba using workflows, OAs or other ways, we are still not sure which is the best way.
this is the latest update coming on the risk module: Question - New Risk Methodology (European Banking Authority)
we need workflows, better performance, polishing existing features, etc … sorry other priorities.