Risk Tracker v1.0 (CTP) is a sample application built using CISF. This custom application was created to help the Microsoft Information Security Team track information security risk across the company. Eventually the solution will move to use the Microsoft GRC as the core risk engine and integrate into Systems Center. We are providing the source code and sharing the application now so our customers can share from our learning’s and adopt and extend the system for themselves. Risk Tracker serves as an example of how to build a custom security application using the Connected Information Security Framework.
Risk Tracker key features -
• Integrate into Key Business Systems like HR and Portfolio / Asset Management Systems.
• Enter and Track Risks associated with business groups, geographies and projects.
• Enter and Track Tasks Associated with Remediating or Tracking Risks.
• Perform Basic Risk Calculations.
• Track The History of changes made by user/system to Risks.
Note: Soon the Information Security Tools team will release a Business Intelligence solution based on SQL Server 2008 that provides data warehousing, reporting and data analytics for risk data.
To keep up to date with The Information Security Tools Team follow http://blogs.msdn.com/securitytools/