Control assessment templates are used to qualitatively evaluate implemented controls. RM Studio includes a default Control Assessment Template that users can edit, prior to first use, or add their own control assessment evaluations. To open the Control Assessment Template for reviewing the default or creating a new template, double click “Control Assessment Templates” under the Risk Management – Templates and Profiles from the Navigation tree. You will notice a popup window open to the right titled Control Assessment Template. The Standard Control Assessment (default) will be highlighted. Click the small, hollow arrowhead on the left to open the Control Assessment and Control Effectiveness values (Initial, Repeatable, etc.). The Standard Control Assessment consists of 5 values for assessing both the Control Assessment Maturity and Control Effectiveness. Each of the five values has a numerical Factor value that is used to calculated the Control Implementation Assessment scoring. The CA factor values are applied to the controls that are used in the Risk Treatment when using the CA. *Note: when creating a new Risk Treatment you have the option to use the Risk Assessment and the Gap analysis or use the Risk Assessment and the Control Assessment, which includes the Gap by default. Note: The algorithm used for calculating security risk is most accurate when factor values start at value 1 (one) and the increment between values is 1 (one). 8.1.Control Assessment Templates
How to: Control Assessment Template
How to: Create a new Control Assessment Template
button to save the newly created/edited template.