Go to the CCS Web console and click Dashboard to navigate to the dashboards. In the left navigation panel, under the Risk category , click Risk-Home to view the risk dashboard.
Let us assume the following scenario:
You have security objectives SO1, SO2, and SO3 with the following mappings:
SO1 is mapped to the business asset BU1 and has the controls category CC1 associated. CC1 has controls C1 and C2 mapped.
SO2 is mapped to the business asset BU2 and has the controls category CC2 associated. CC2 has controls C3 and C4 mapped.
SO3 is mapped to an asset group AG1.
In context of this scenario, let us understand how you can use the risk dashboard and panels to monitor risks. Risk-Home dashboard contains predefined dashboards that help you visualize the risk from multiple dimensions. For this example, let us consider the following predefined panels:
Top 5 Security Objectives with Maximum Risk
If the business unit head gets an alert that SO1 has crossed the set limit of the target risk, the business unit head can right-click on SO1 and select By Controls and drill down to CC1. The business unit head can click on CC1 to drill down to the mapped controls C1 and C2 and click on the controls C1 and C2 to drill down to the statements that mapped to them.
The business unit head can also right-click on SO1 and select one of the following orientation options to drill down and view the risk from multiple dimensions, from the context of the controls or the asset group:
By asset groups
Detailed risk posture
Top 10 assets with highest risk score
Top 5 business units at highest risk
Top 5 control categories at highest risk
Various types of risk
Weighted base risk score
Create action plan
While viewing the risk score, the business unit head can right-click the graph in the panel and select Create Action Plan to define a risk action, from any view.
Top 10 Asset Groups with Maximum Risk
The business unit head can right-click on AG1 and select Detailed Dashboard. The business unit head can click on AG1 and from the context of the asset group, drill down to the datacenter that is mapped to the asset group. Then further click on the datacenter to drill down to the asset A3 that is at a high risk and causing AG1 to be at a maximum risk.