Our powerful, web-based Citicus ONE risk and compliance management software delivers the full range of functionality you need to:
- measure the level of risk posed by the assets, entities, processes and / or activities on which your enterprise depends, including
IT- or paper-based information systems, suppliers,
sites and business processes

- manage the risk they pose down to the level that your top management or risk committee determine is acceptable (ie that reflects their risk appetite)
- achieve compliance with the full range of policies, standards and regulations that apply.
The system is designed to help you manage risk and compliance reliably, efficiently and in a way that builds support from:
- the business eg asset 'owners', line managers, senior executives
- key professionals eg IT, IT security, health
& safety, security, risk management, internal / external audit
- external stakeholders including customers, trading partners, regulators, investors, the public.
Designed for deployment across private- and public-sector enterprises of all sizes, it can be:
- installed in-house and accessed across your corporate intranet
- delivered as a hosted service, with users gaining secure access to it across the Internet
- installed on a laptop if need be for demonstration, training or small-scale use.
Deployment is easy since no software need be installed on users' machines (users simply interact with Citicus ONE's rich capabilities via their browsers and obtain high-quality results that they can view, file or circulate in PDF form).
Further information can be found under the following headings:
|
'Out of the box' you can deploy Citicus ONE to evaluate the
following key areas of risk:
- information risk (including privacy impact assessments and compliance with ISO 27000, COBIT, ISF SoGP, PCI-DSS)
- supplier risk (service risk, relationship risk)
- site risk (security, health and safety).
You can vary the precise issues probed in these key risk areas and can configure Citicus ONE
to evaluate other areas of risk and compliance that may be important to you (eg process risk). |