Content

Acuity Risk Management STREAM Integrated Risk Manager 5.4

STREAM is a risk management and compliance solution that gives visibility into risk levels by quantifying cyberrisks. It projects ROI by showing the potential repercussions of identified risk, quantifying the value gained through security expenditures and prioritizing risks based on the remediation costs. The solution is highly configurable, scalable and framework-agnostic, offering real-time updates and actionable data. It simplifies complex relationships within risk management. Threats, controls, vulnerabilities, test results, incidents, issues, audit findings and actions are aggregated to provide a complete picture of all the information required to understand cyberrisk status.

On-premises and SaaS options have identical interfaces. It links all governance risk and compliance data objects to provide comprehensive visibility of data and assist security professionals in making decisions by providing quantified cyberrisk.

Although the user interface could be enhanced to improve ease of use, it is configurable down to the individual user level, with multiple home pages displaying a variety of data protected by role-based access privilege. A unique aspect of the interface, the Enterprise Tree feature, is flexible and highly scalable and delivers at-a-glance risk views. The tree displays risk information, such as where it exists, the number of controls mitigating it and quantitative expected loss values that represent the potential financial impact of a breach.

STREAM uniquely supports both qualitative and quantitative risk assessments. Quantitative assessments record the range of potential losses with an estimation of confidence of that range resulting in an overall loss magnitude score. The expected likelihood of a loss event frequency is configured by leveraging statistical analysis. This analysis projects the expected loss per year from the losses that are estimated as most likely to happen. Loss Exceedance, the probability of losses exceeding a certain amount, is graphed alongside potential risk, current risk and risk tolerance. Since most cyberevents tend to follow a normal distribution (as it relates to loss magnitude and frequency of risk occurrence), this quantitative approach helps promote a proactive risk management posture.

Starting price for single user (Personal Edition) is $1,99,5 including support and software upgrades. Starting price for multi-user (Server Edition) is $3,390 including support and software upgrades. Three-hour response support (phone, email, web, knowledgebase, and FAQs), error correction, and free software upgrades come standard with any subscription. Priority Support (one-hour help desk response) is available for an additional charge. Support is offered 8/5. 

Tested by Matthew Hreben

Product title
Acuity Risk Management STREAM Integrated Risk Manager 5.4
Product info
Vendor: Acuity Risk Management Price: $1,995 (Personal Edition) or $3,390 (Server Edition) Contact: acuityrm.com
Strength
STREAM’s quantitative approach empowers proactive risk management by quantifying risk in financial terms.
Weakness
The user interface is aesthetically outdated.
Verdict
The software solution is a highly configurable, scalable and framework agnostic offering real-time updates and actionable data for a complete picture of all the information required to understand cyberrisk status.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.