Create and track POA&Ms in C1Risk and export reports for key stakeholders and to meet regulatory requirements for CMMC, FedRamp (20X), GLBA and more.
Assets can be tracked and mapped to your risk register, internal controls, and any issues (findings) in the C1Risk platform. Assets can also be related as upstream or downstream associations. For example, vendors can be associated to business systems or units they are working on as part of their engagement with the enterprise. This enables a more comprehensive view of how risk impacts the business.
The value of your assets and their impact to the organization - actively or when compromised - is a critical factor in the development of your risk and compliance program. Asset value informs inherent risk on the C1Risk platform and can be tracked against a single or related assets. C1Risk provides multiple templates for impact analysis, ranging from simple scoring, CIA ratings, and specific business line impact, or you can configure your own. Learn how to do your asset impact analysis here.
Pre-configured assessment templates for vendor risk, security review, compliance review, asset impact analysis and more, are all available in the C1Risk platform. You can also provide your own custom assessments to the C1Risk platform. Here is a quick and easy guide to for creating and uploading your internal and external risk assessments.
Risk scores are automated in the C1Risk assessment module, and can be categorized based upon your own risk management policies. See how easy it is to set up in your C1Risk platform.
Once an assessment has been completed, you can track and mitigate findings in the C1Risk platform and/or export a summary report of the assessment in Excel or PDF format with the click of one button.
All your risk assessments can be customized from a question and risk scoring perspective to ensure assessments meet your risk management policy requirements and risk classifications.
Why wade through spreadsheets scoring assessments, adding findings, and creating reports, when you can easily auto-create and manage findings and reporting in the system or "one-click" export reports into PDFs or Excel. Great for MSP, Consultants and TPRM Teams.
All C1Risk assessment templates can be configured to auto-create findings based upon responses. See how easy it is to score an assessment using the C1Risk platform.
All DIBs (Defense Industrial Base Sector) vendors must submit a NIST 800-171 Self-Assessment through SPRS (https://www.sprs.csd.disa.mil/) before December 31. C1Risk provides the Assessment and the report needed to submit to SPRS for quick, complete readiness as you begin your CMMC journey.
How to send an assessment on the C1Risk Platform
Learn two approaches to selecting controls in scope for compliance and how to quickly create your Statement of Applicability on the C1Risk platform.
How to add a new risks to your risk register on the C1Risk platform.
Explaining the risk register, and how to build out your risk register on the C1Risk platform
Risk groups are the macro-categories that you can configure in the C1Risk platform. Your risks will then sit under those categories, and your Risk Register or any reporting can be segmented by group.
A quick overview of the management of risk in our C1Risk platform
If you don't have a risk, do you need a control? What are you controlling if you don’t have associated risk? In the C1Risk Platform, Assets are connected to internal controls where there is a risk. Learn more here.
Learn how and why to connect your risks and controls to your assets for asset-based risk and compliance.
