Home

Philippe Le Berre

ESIS is open-source software that provides a global framework for managing IT security and risk processes. It delivers pragmatic, simple answers to key questions that have plagued the organization of risk management. Although the first target of ESIS is IT security, its reliance on standard processes means it can be used to manage any kind of risk.

ESIS is built on the vision that risk-related processes need to interact so as to form an end-to-end process, from threat management to crisis management. Establishing true processes is essential to allow all the stakeholders (i.e. CSO, CIO, outsourcer, compliance and risk officers, auditors, etc.) to work together. The management of risks and of IT security is hampered by the lack of processes and of clear interaction between all the stakeholders. Indeed, IT may manage threats on one end with its own set of tools. Auditors and internal control manage their audits with Excel or whatever works. Compliance and global risk use their own toolbox, and so on. In the end, the biggest risk is that risk management isn't coordinated and thus cannot lead to crisis prevention and management, which is the goal.

By design, ESIS can simultaneously handle the processes of multiple "companies" or subsidiaries, each having its own separate dataspace. ESIS can thus provide global answers to questions about a "group" posture (vertical consolidation) or the "customers" of an outsourcer (horizontal consolidation), down to the specific people or department of a particular site. See Companies in ESIS Framework.

Modules

Just like a business ERP, ESIS is composed of different modules that can be used independently but can also be linked to provide integrated management of risks. At this time 5 modules are available:

Consolidated Indicators and Dashboards

How to compute global and holistic risk and security indicators?
ESIS-Wiki:Module-Metrics

Probes

ESIS uses probes to consolidate data into the processes and compute Key Performance Indicators (KPI) and Key Risk Indicators (KRI).
ESIS-Wiki:Probes
* [Probes list]
ESIS-Wiki:Probes_configuration
ESIS-Wiki:Probes_run

Configuration

ESIS-Wiki:Installing
ESIS-Wiki:Updating
ESIS-Wiki:Global_properties
ESIS-Wiki:AD_AUTHENTICATION
ESIS-Wiki:SSL_JavaKeystore

Administration & Monitoring

ESIS-Wiki:ADM_PROCEDURES
ESIS-Wiki:Monitoring_Nagios

Reports & Custom Reports (Jasper)

This is the generic ESIS Framework WIKI:

Developer

