HOPEX IT Risk Management Solution Profiles
In HOPEX IT Risk Management , there are, by default, business profiles with which specific activities are associated.
Presentation of the solution interface depends on the profile selected by the user on connection to the application; the tree of menus and functions varies from one business role to another.
IT RM functional administrator
The IT RM (IT Risk Management) functional administrator essentially manages environment objects (organization, process, business capacity, business line and IT asset inventory).
The application inventory can also have been previously built using
HOPEX Architecture or
HOPEX IT Portfolio Management by application portfolio and application managers.
The functional administrator has access to the following desktops:
• Administration
• Environment
• IT RM
The main tasks of the manager are to:
• establish the application inventory
• establish the vendor inventories
• assign each application to one or more IT RM Manager
• assign, if required, applications to processes and/or business lines
IT GRC Manager
IT RM (IT Risk Management) managers are the main users of the HOPEX IT Risk Management solution.
They can belong to one or more departments (safety, compliance, risk management).
They have all rights over threats, vulnerabilities, risks, controls, assessment objects, regulations, requirements and reports.
The main tasks of the manager are to:
• establish the inventory for threats and vulnerabilities
• identify the vulnerabilities for each asset
• position risks on IT Assets
• assess risks
• define action plans for improvement
• identify regulatory requirements
• identify controls
• assess controls
• assess regulatory compliance
• enter the annual cost of products or services per vendor
• assess a vendor
Application owner
The application owner answers the questionnaire received in response to an assessment campaign.
The application owner can also consult the action plans assigned to him/her.