Cyber governance is the wrapper around your entire risk management strategy. Cyber governance is a set of practices and responsibilities for cyber effective risk management.
What is the X-Analytics governance module?
The X-Analytics Cyber Governance Module was designed to help you understand your overarching cyber responsibilities and practices. These responsibilities and practices wrap around all other mitigation and transfer strategies to ensure stability, fiscal soundness, and due diligence.
The Cyber Governance Module determines your govern function implementation, your governance rigor, and your risk management effectiveness.
The govern function is an understanding of the organization's risk management strategy, risk expectations, and related policies. It includes outcomes to inform what your business may need to achieve and prioritize, such as organizational context, risk management strategy, role and responsibilities, cyber policy, oversight, and cybersecurity supply chain risk management.
Governance rigor is the degree at which your business has an organization-wide approach to cyber risk. This includes monitoring cyber risk with other operational risks, ensuring the cyber budget is based on current and predicted risks, implementing a executive-sponsored cyber risk vision, promoting that cyber risk management is part of the culture, and quickly accounting for changes to the business.
Risk management effectiveness is the degree at which your business has reduced cyber risk based on your unique risk profile and the current threat condition. This includes your effectiveness against web application attacks, point of sale intrusion, payment skimming, insider and privileged misuse, human error, physical theft and loss, firmware (including ransomware), cyber-espionage, denial of service attacks, and unknown activity.
Can I set targets at which to aim my actions?
Yes. Since targets are one component of cyber risk governance, the Governance Module includes the ability to set targets for cyber exposure, control effectiveness, and the dynamic cyber governance score.
Cyber Exposure Target
Within the X-Analytics application, you set your cyber exposure target. You can then use this target to aim your risk transfer and risk mitigation actions.
Control Effectiveness Target
Dynamic Cyber Governance Target
What's included within the governance module?
The governance module is a "free" add-on module. This module adds "new" profile builder inputs, "new" cyber risk governance calculations for trending and guiding purposes, and a "new" cyber governance report to observe and communicate your current cyber governance condition.
Govern Function
The govern function captures information related to organization context, risk management strategy, roles and responsibilities, policy, oversight, and cybersecuriyt supply chain risk management.
Governance Rigor
Governance Targets
Risk Management Effectiveness
Cyber Governance Report
In Summary
The X-Analytics Cyber Governance Module was designed to help you understand your overarching cyber responsibilities and practices. This module determines your govern function implementation, your governance rigor, and your risk management effectiveness. Additionally, this module provides a means to set targets at which you can aim your cyber governance actions.
This cyber governance module is a free add-on module to all X-Analytics subscribers. This module adds "new" inputs to the X-Analytics profile builder, add new calculations for trending and guidance purposes, and adds a new report to help you observe and communicate your cyber governance condition.
If you have additional questions, please contact your Customer Success Team Member.
Comments