With a one-button click from the GRC, ServiceNow Risk Register users can directly run RiskLens risk assessments, then export the results back to the register where risks can be prioritized and managed based on financial impact to the business.
With the synergy of a risk register and quantitative cyber risk analysis, clients can:
The RiskLens platform is built on Factor Analysis of Information Risk (FAIRâ„¢), the international standard for cyber risk quantification, recommended by the National Institute of Standards and Technology (NIST) in the NIST Cybersecurity Framework and NISTIR 8286, the new standard for Integrating Cybersecurity and Enterprise Risk Management. ServiceNow users can align their Risk Registers with the standard FAIR taxonomy to clarify communication on risk across risk management, security operations and the business.
Screenshot: Quantified risk results stored within the ServiceNow Risk Register
Users of the RiskLens platform leverage such advanced features as:
The deepening partnership with ServiceNow is another facet of the expanding reach of FAIR and the RiskLens platform. Recently, IBM announced Risk Quantification Services centered on FAIR analysis and the RiskLens platform, joining the previously announced alliance with Protiviti.