Below is a Q&A session with Asim Chauhan, CEO of RiskWatch International. Asim is a well-known pioneer in the software, technology outsourcing, and digital media industries for over 30 years. He is a respected member of the risk management community.
Asim Chauhan
Performing risk assessments has historically been a difficult and time consuming, albeit necessary, process. Using spreadsheets and file shares, writing reports, and managing remediation are all time-consuming tasks, which is why many organizations have started turning to automation for these processes.
Q: First and foremost, can you please share with us a brief overview of your company? When was RiskWatch established and what are your goals?
A: RiskWatch was founded in 1993 with the goal of developing an easy-to-use risk and compliance assessment software that could benefit any client. Our software enables companies to ensure compliance with regulations or identify security gaps in their organization. We don’t take security or risk management lightly either – whether we’re helping to protect a patient’s personal health information or our country’s critical infrastructure, our goal is helping customers achieve 100% success.
Q: What industries do you serve and who are your current customers?
A: We designed our software to be fully customizable. As such, we have customers in a wide array of industries such as energy & utilities, financial services, healthcare, manufacturing, gas & oil, and government. Our customers range from Fortune 100 companies to local credit unions. Some of the most recognized companies to use RiskWatch are Oracle, Pfizer, Puma.
Q: What kind of impact can customers expect once they use RiskWatch?
A: New customers will immediately experience a drastic reduction in time commitments. On average, our customers have a 74% reduction in their entire assessment process thanks to our software’s automation of time-consuming practices. This reduces customer cost in the need to hire consultants or extra staff and allows existing staff to spend more time on important tasks such as data analysis and mitigation.
Customers will also notice an improved quality of assessments. Our software facilitates a thorough assessment that doesn’t let any task slip through the cracks. We have yet to have a customer fail an audit. (See: SecureWatch)
Q: Tell us more about RiskWatch. What are your key features and capabilities?
A: Our software focuses on physical security, cyber security, compliance, vendor management, supplier management, and client management; our features help streamline those processes. Our most popular feature is automatic reporting. You can customize how you want your report to look within the software, then just click generate any time in the future to have a C-level report that covers risk, compliance, security gaps, recommendations, and task status. This saves around 32 hours per report, depending on the customer requirements.
Some other key features include real time analytics on the dashboard, automated email communication, suggested remediation to risks, and our smart survey engine. Customers performing physical security assessments really offer high praise for our mobile app, which allows them to do their assessments offline and as they walk around the facility or perimeter.
Q: How do you automate and standardize spreadsheet assessments?
A: Our software has a bulk upload feature that lets a customer upload their entire assessment criteria from a spreadsheet into the platform. Not only does the platform serve as a central repository for all assessments, it helps eliminate human error and bias and standardize the assessment process.
The whole process is automated using features I’ve previously mentioned. The user simply selects their criteria and the system automatically emails relevant staff an introductory email that explains their task in providing assessment information. They will get reminder emails at set frequencies reminding them to complete their task, escalating to management if needed. The platform then updates in real time, generating charts and offering remediation tasks for each non-compliant or high-risk answer. Then a customizable report can be downloaded with all information in the platform.
Q: How do you score an organization and the vendors they do business with against today’s baseline cyber security requirements?
A: We offer over 35 content libraries that contain industry regulations and best practices. Utilizing these standards or custom content for cyber security, the software automatically considers threat level, criticality, compliance to the standard/best practice, and consequence. These factors contribute to an overall risk score that will alert the organization to which areas need immediate improvement, and which risks are within their appetite. This is the same process if you are doing an internal assessment or evaluating a vendor.
Q: Looking into the future, what are some market trends or technologies you see on the rise in the risk management space and how is RiskWatch meeting these?
A: The risk, compliance, and security management platform landscape is changing with the development of new regulations like GDPR and new technologies like Artificial Intelligence, Machine Learning, and Natural Language Processing. We will introduce these technologies to automate more of every assessment in our platform and continue to provide custom versions of regulations like GDPR that can be used in our platforms, off-the-shelf.
Acquiring data to perform assessments was a huge challenge 10 years ago but now there is so much data available, filtering through and analyzing the data is the new challenge. We’ll provide customers with the ability to leverage data analyzed by their peers in a secure channel or sharing network so less needs to be done up front to perform assessments.
We are partnering with several firms to reduce the need for assessments to be repeated within organizations in areas commonly assessed, like a cloud service or enterprise application. The goal here is to reduce the ever-increasing strain on risk, security, and compliance teams within organizations and promote reuse and sharing of data collected in an automated but secure channel.
About RiskWatch
RiskWatch is a global leader in the risk and security software industry. The company has succeeded in providing risk, security, and compliance assessment solutions to customers across all industries with its state-of-the-art risk assessment software.