Inherent Risk Evaluation

The Quality Assessment module is directly integrated into the detail pages of the physical entities.

In the “Quality Assessment” tab, present on the detail page of a physical entity, you will find a table that shows, for each risk in the registry, the inherent risk assessments entered for that specific data asset. If there are controls that reduce the risk, a summary is reported and the final residual risk is shown.

To modify or insert a new evaluation, it is possible to click on the row of the risk that one wants to evaluate. The modal allows the frequency and magnitude of the damage to be entered when the risk materializes. The “Delete” key allows you to delete any evaluation that may be present.

Control Effectiveness Evaluation

In addition to the detail pages of the physical resources, the Quality Assessment module is also integrated into the detail pages of the quality checks, allowing the user to immediately evaluate the effectiveness of a control with respect to the identified risks.

The “Check Assessment” tab is present on the detail page of a quality control. Here is a table showing, for each risk, the reduction in frequency and impact entered for the check and therefore the effectiveness of the final control.

To modify or insert a new evaluation, it is possible to click on the row of the risk that one wants to evaluate. The modal allows the insertion of the severity and probability reduction granted by the quality check. The “Delete” key allows you to delete any evaluation that may be present.

Massive Assessment Operations

Blindata allows you to download and import data through CSV files. These features can be used for the information gathering phase of the past or for massive and/or periodic maintenance activities.

Export features are available for:

• inherent risk assessments: allows you to download the CSV of the inherent risk assessments. The command is available on the dashboarding page (see previous paragraph)
• assessments of the effectiveness of controls: allows you to download the CSV of the effectiveness of the controls. The command is available on the dashboarding page (see previous paragraph)
• residual risk analysis: allows you to download the CSV containing the results of the residual risk analysis. The command is available on the dashboarding page (see previous paragraph)

Export csv files can also be used for import. The importer is accessible under the “Settings” item of the side menu.

• import inherent risk assessments: the CSV includes specifications of the physical entity, the risk code being assessed, and the related assessment expressed in terms of probability and impact or directly of inherent risk. To specify impact, probability or inherent risk, you can use its label as specified by configuration or its associated numerical value.
• import assessments of the effectiveness of controls: the CSV includes the specifications of the data quality control, the risk code being evaluated and the relative evaluation expressed in terms of impact reduction and frequency reduction or directly of control effectiveness. To specify probability reduction, impact reduction, or effectiveness, you can use its label as specified by configuration or its associated numerical value.