Menu

  1. Introduction
    1. Licensing
    2. System Requirements
    3. Setup and Installation
  2. Getting Started
    1. Creating the Database
    2. RM Studio Users/Contacts
    3. Email Configuration
    4. Web Module Setup
    5. Web Module Update
  3. Navigating RM Studio
    1. Main Menu
      1. Save Function
      2. Import External Data
        1. Import Assets
      3. Clear User Cache
      4. Security
      5. Properties
      6. Languages
      7. Registration
      8. User Manual
      9. Manage Checkouts
      10. About
      11. Application Style
    2. Navigation Tree
    3. Tabs
    4. The Grid
    5. Context & Flow
  4. Common Entities
    1. Business Entities
      1. Asset Details - Basic Information tab
      2. Asset Details - Risks tab
      3. Asset Details - Categories tab
      4. Asset Details - Business Entities tab
    2. Contacts
    3. Teams
    4. Categories
    5. Assets
    6. Threats
    7. Standards/Controls
      1. How to: Standards, Regulations, Controls
      2. Standards Implementation Comparison
    8. Documents
  5. Gap Analysis
    1. How to: Gap Analysis
    2. Reporting
  6. Risk Assessment
    1. How to: Risk Assessment
      1. Working with Assets
      2. Evaluation Values
      3. Evaluating Risks
      4. Various Definitions
      5. Risk Assessment Reporting
    2. Evaluation Templates
    3. Risk Owner Web Solution
  7. Web Module
    1. Dashboard
    2. My Tasks
    3. Reports
    4. Standards/Regulations
    5. Documents
    6. Incidents
    7. Risk Owner Web Solution
  8. Control Maturity and Effectiveness Assessment
    1. Control Assessment Templates
    2. Reporting
  9. Risk Treatment
    1. How to: Risk Treatment
      1. Risk Treatment Templates
      2. Risk Criteria
      3. Asset Level
      4. Controls Tab
      5. Scheduling a Future Control
      6. Future Controls Tab
      7. Overview
      8. Reload Assets, Threats and Controls
    2. Risk Treatment Reports
  10. STPA
    1. Intro to Models, Diagrams, Analyses
    2. STPA Projects
    3. Models and Diagrams
      1. How to: Create HCS Models
      2. How to: Create HCS Diagram
        1. Diagram Elements
    4. Performing the Analysis
      1. Setting up the Analysis
      2. System Level Hazards and Losses
      3. Step 1
    5. Reporting
  11. Business Continuity Management Module
    1. Organization
      1. New Organization
      2. Stakeholders
      3. Resources/Processes
        1. Impact Analysis
        2. Requirements
    2. Incident Response/Recovery
      1. Associated Threats
      2. Plans
        1. Steps
      3. Maintenance
        1. Test plans
        2. Test Results
    3. Templates
    4. Maintenance
    5. Reports BCM
  12. Database Settings
    1. Database Upgrade
    2. Add Existing
    3. Remove
    4. Migrate
    5. Backup
    6. Restore
  13. Glossary
  14. Calculations

5.2.Reporting

RM Studio includes a variety of reports that are necessary for the successful completion of certification or compliance audit. At this time 13 reports are available to you, including the Statement of Applicability (SoA), Risk Assessment Details, Gap Analysis, Risk Treatment and more.

Gap Analysis – Results: This report is basically the same report as the Statement of Applicability which is generated from the Risk Treatment results. This report allows you to generate the same report based on Gap Analysis.

GAP Analysis – Future controls (simple report): this report provides an overview of all Future Controls that have been defined for a given GAP Analysis. They are ranked according to date, so that the Control with the earliest date of implementation is shown first.
Assets with Threats: Like the name indicates the Assets with Threats report aggregates all the Assets from a single Assessment and their respective threats. For each Asset the report states which values the Asset Evaluation Values and Threat Evaluation Values have. The report also states the Security Risk for each Asset.
Asset with Controls: This report shows all Assets in Assessment and the Controls used to mitigate their risks. The user can see all controls from the ISO/IEC 27001 Standard as well as any user defined Controls. The status of implementation of each controls is also shown.
Executive Summary: Shows the most important Assets based on the CIA values (Confidentiality, Integrity and Availability). It also shows the most Valuable Assets. The user can choose the number of Assets to be reported.

Help Guide Powered by Documentor
Suggest Edit