Citicus ONE Release 1.3 - Driving down information risk

Citicus ONE Release 1.3 introduces some major new features that reinforce its status as the most complete information risk management tool in the world. The new features include:

  • Rapid criticality assessments that can be completed by system owners in minutes, allowing inventories of information assets to be compiled and analysed
  • Dependency risk mapsTM that show the relationships between an enterprise's information resources and allow risk 'pinch points' to be quickly identified
  • Highly flexible licensing to support a scalable and proportionate approach to risk assessment and management, starting with rapid criticality assessments and leading to detailed information-risk scorecard evaluations
  • Updated versions of the Information Security Forum's Standard of Good Practice, 2003 and BS7799-2:2002 are shipped with Citicus ONE, allowing the level of compliance with these standards to be assessed and monitored
  • New approaches to gathering data on security incidents by allowing FIRM Brief incident assessments to be either issued centrally or 'volunteered' by those affected by incidents
  • Support for Windows XP Professional and MSDE (in place of full SQL Server) to allow for low-cost implementations (including laptop installations) of Citicus ONE
  • Integration with corporate directories using LDAP to allow administration of access to Citicus ONE to be linked with enterprise administration policies
  • Multiple approaches to user authentication (including LDAP, NTLM Windows authentication and Basic authentication), allowing flexible ways of granting users access to Citicus ONE

Contact Citicus for further details and for pricing information on Citicus ONE.

Criticality AssessmentCriticality assessments

The Citicus ONE criticality assessment can be completed by a system owner in a few minutes generating the criticality status report illustrated opposite.

Criticality assessments for multiple systems can be consolidated to produce criticality league tables, ranking the enterprise's information resource in terms of their relative importance to the organisation and summarising their need for protection in terms of their confidentiality, integrity and availability requirements.

Dependency Risk MapDependency risk mapsTM

Risk to an enterprise's information resource should be assessed, not in isolation, but in the context of the complex interdependencies between different systems.

Citicus ONE's unique dependency risk mapsTM allow pinch points in the risk chain to be identified and addressed.

This approach can be applied both to internal information resource and to services or systems supplied by external parties.

For more information, contact:

Simon Oxley, Marco Kapp or Sian Alcock, Citicus Ltd
Tel: +44 (0)20 7203 8405

Download PDF Back to News


Share this post