_edited.jpg)
07 Risk Identification / Issues Management
Risk Cypher will support the enhancement and formalization of the risk identification and issues management program as needed and directed by the client.
Risk Cypher will maintain the availability of resources for the performance of the following activities:
● Enhance sources of risk identification to include all sources across the IT/CSRM organization
● Provide architectural, and solutions engineering support for the implementation of an Issues Management module in the identified GRC platform (Self-identified Issues, Risk Acceptances, Policy Exceptions)
● Support in formalization of the compliance, audit support, and exam preparation processes
Deliverables
In support of the objectives described above, Risk Cypher will also have responsibility for the following deliverables:
● Develop Issues Management Standard, procedures, and guidelines which covers risk identification, risk analysis, risk ranking, treatment, remediation, and acceptance