1. Introduction
    1. Licensing
    2. System Requirements
    3. Setup and Installation
  2. Getting Started
    1. Creating a Database
    2. RM Studio Users/Contacts
    3. Email Configuration
    4. Web Module Setup
    5. Web Module Update
  3. Navigating RM Studio
    1. Main Menu
      1. Save Function
      2. Import External Data
        1. Import Assets
      3. Clear User Cache
      4. Security
      5. Properties
      6. Languages
      7. Registration
      8. User Manual
      9. Manage Checkouts
      10. About
      11. Application Style
    2. Navigation Tree
    3. Tabs
    4. The Grid
    5. Context & Flow
  4. Common Entities
    1. Business Entities
      1. Asset Details - Basic Information tab
      2. Asset Details - Risks tab
      3. Asset Details - Categories tab
      4. Asset Details - Business Entities tab
    2. Contacts
    3. Teams
    4. Categories
    5. Assets
    6. Threats
    7. Standards/Controls
      1. How to: Standards, Regulations, Controls
      2. Standards Implementation Comparison
    8. Documents
  5. Gap Analysis
    1. How to: Gap Analysis
    2. Reporting
  6. Risk Assessment
    1. How to: Risk Assessment
      1. Risk Assessment Overview
      2. Adding Assets
      3. Adding Risks
      4. Evaluation Values
      5. Evaluating Risks
      6. Various Definitions
      7. Risk Assessment Reporting
    2. Risk Owner Tasks
    3. Risk Profile
  7. Web Module
    1. Dashboard
    2. My Tasks
    3. Reports
    4. Standards/Regulations
    5. Documents
    6. Incidents
    7. Risk Owner Web Solution
  8. Control Assessment
    1. Control Assessment Templates
    2. Control Assessment
    3. Reports - Control Assessment
  9. Risk Treatment
    1. How to: Risk Treatment
      1. Risk Treatment Templates
      2. Risk Criteria
      3. Asset Level
      4. Controls Tab
      5. Scheduling a Future Control
      6. Future Controls Tab
      7. Overview
      8. Reload Assets, Threats and Controls
    2. Risk Treatment Reports
  10. STPA
    1. STPA Projects
    2. Models and Diagrams
      1. How to: Create CS Models
      2. How to: Create CS Diagram
        1. Diagram Elements
        2. Models Progress Check
    3. Analyses
      1. How to: Define Purpose of Analysis
      2. Losses
      3. Hazards
      4. Relationship
      5. Constraints
      6. How to: Identify UCAs
      7. How to: Identify Loss Scenarios
        1. Loss Scenario Progress Check
    4. Reporting
    5. Global Properties
  11. Business Continuity Management Module
    1. Organization
      1. New Organization
      2. Stakeholders
      3. Resources/Processes
        1. Impact Analysis
        2. Requirements
    2. Incident Response/Recovery
      1. Associated Threats
      2. Plans
        1. Steps
      3. Maintenance
        1. Test plans
        2. Test Results
    3. Templates
    4. Maintenance
    5. Reports BCM
  12. Database Settings
    1. Database Upgrade
    2. Add Existing
    3. Remove
    4. Migrate
    5. Backup
    6. Restore
  13. Glossary
  14. Calculations

4.7.1.Standards, Regulations, Controls

How to: Deploy a Standard, Regulation, or Controls Set

Once you have registered your new RM Studio license, you may need to deploy a new Standard, Regulation, or Controls Set.

  1. Open the Standards/Controls from the Navigation Tree under Common.
  2. After the Standard tab opens in the work space, click the to Add Standard.
  3. In the popup window choose the Deploy a Standard, then in the drop-down list, select the new Standard. Click the to begin the deployment.
  4. The system needs a short bit of time to run the deployment
  5. Now it is a good idea to review the newly deployed standard, both to ensure the deployment was complete and to familiarize yourself with the information and format. If you want to add your own controls, standards or regulations proceed to the User Defined Standards.

User Defined Standards and Control Sets

Users can define their own standards and control sets for a more complete strategy to meet their risk management objectives. Use the Import function from the Main menu to input the new data quickly or follow the manual operation below:

  1. Click the to open the popup for creating a new standard, regulation or controls for use in RM Studio’s Gap analysis and Risk Treatment. By default the ‘Create a new standard’ is selected; click the OK button to initiate the action.
    If you want to add to the deployed standards, regulations, or controls go the next section below about ‘How to: Add New Clause or Control‘.
  2. Select the ‘Create a new standard’ and then click OK button.
  3. In the Item Details – General Information input a unique Name for reference of the new standard, regulation or control set.
  4. Input the Key name (shorthand name, e.g. GDPR) of new standard, regulation or control set.
  5. Input the Description of the new standard, regulation or control set and remember to be as thorough as possible in the description for other RM Studio users or stakeholders and auditors to clearly understand the new data.
  6. Save  the new standard

Example for adding a new control to a deployed standard (same instructions):

How to: Add New Clause or Control

  1. Click the  to add a new line item under the desired standard/regulation/control set. If the new control needs to be filed under a particular control group (already deployed), then select the ‘parent’ line item you want to add the new ‘child’ line item under.
  2. In the Item Details – General Information, input a distinctive Name for the new item, keeping in mind that others will be using the controls too.
  3. Input a unique Control Number and remember to be consistent with the numbering of the Standard/Control set you are adding to.
  4. Check the Group Header box if the new control is the head of a group of new controls. Group Headers do not populate in the Gap analysis or the Risk Treatment.
  5. The necessary actions for implementing the control are vital for clarity and consistency, when adding the new control. In the Description field, input the Implementation Guide or Protocol for the new control with clear and defined actions, so that other users can easily understand and consistently execute for a complete implementation.
  6. Save the new clause or control in order to index the item with the database table for control set.

 

Editing the Standards and Controls

The Standards clauses and controls can be edited. This should be handled with care and only done to adjust the clauses or controls to better fit the environment you will be auditing. You can revert to the default library:

  1. Access the Properties Window under the Main menu.
  2. ‘Reset Standard Data’ will return the data in the selected standard back to the original data.

 

 

« Standards/ControlsStandards Implementation Comparison »
Suggest Edit