Published under Risk Management

Tool Identity Card

General information
Basic information to identify the product

Tool name : RiskWatch for Information Systems & ISO 17799
Vendor name : RiskWatch
Country of origin : United States

Level of reference of the tool
Details about the coverage or the « originators » of the solution

Coverage : Local
Supported by organization, club,... (e.g. as sponsor) :

Brief description of the product
Give a brief description of the product containing general information, overview of functions…

  • RiskWatch for Information Systems &ISO 17799 is the of RiskWatch company' solution for IS Risk Management. This tool conducts automated risk analysis and vulnerability assessments of information systems. The knowledge databases that are provided along with the product are completely customizable by the user, including the ability to create new asset categories, threat categories, vulnerability categories, safeguards, question categories, and question sets. The tool includes controls from the ISO 17799 and US-NIST 800-26 standards. RiskWatch provides an online demonstration of this product.

Supported functionality
Specify the functionality this tool provides.

R.A. Method phases supported

  • Risk identification : Phase I & II: List of predefined threats grouped in categories
  • Risk analysis : Phase I & II: Determine the potential financial impact
  • Risk evaluation : Phase I & II: Gather information about vulnerabilities

Other phases

  • N/A

R.M. Method phases supported

  • Risk assessment
  • Risk treatment : Phase III : Define safeguard details
  • Risk acceptance : Phase III : "what-if" scenarios

Other phases

  • N/A

Other functionality

  • Asset Inventory: List of individual assets grouped in categories

Information processed

  • Executive Summary
  • Full and summary reports: For elements identified in Phases 1 and 2
  • Cost Benefit Report
  • Safeguard threat report
  • Audit trail reports
  • Final management report

Date of the first edition, date and number of actual version

Date of first release : N/A
Date and identification of the last version : 2002 - version 9

Useful links
Link for further information

Official web site : http://www.riskwatch.com/
user group web site : N/A
Relevant web site : N/A

List the available languages that the tool supports

Languages available : English

Pricing and licensing models
Specify the price for the product (as provided by the company on December 2005)

  • $15.000

Sectors with free availability or discounted price : Educational discount: 25%

Trial before purchase
Details regarding the evaluation period of the tool

CD or download available : Online demonstration
Identification required : Yes
Trial period : -

Tool architecture
Specify the technologies used in this tool

  • Web server
  • Standalone application

Page top


Target public
Defines the most appropriate type of communities for this tool

  • Government, agencies
  • Large scale companies
  • SME

Specific sector : N/A

Information concerning the spread of this tool

General information : 3000 users
Used inside EU countries : N/A
Used outside EU countries : N/A

Level of detail
Specify the target kind of people for this tool based on its functionality

Management : N/A
Operational : N/A
Technical : N/A

Compliance to IT Standards
List the national or international standard this tool is compliant with

Tool helps towards a certification
Specify whether the tool helps the company toward a certification according to a standard

  • N/A

Information about possible training courses for this tool

Course : RiskWatch for Information Systems Two-Day Training: 2 days duration, Principles of Risk Assessment, Familiarity with the RiskWatch Automated Risk Assessment Program, cost $1000 per person
Course : On-site Riskwatch training: 2 days duration, Risk analysis with Riskwatch, cost $5500 per class

Page top

Users viewpoint

Skills needed
Specify the skills needed to use and maintain the solution

  • To install : N/A
  • To use : On-line help
  • To maintain : N/A

Tool Support
Specify the kind of support the company provides for this product

Support : Online and telephone Support, Help, FAQ, etc

Organization processes integration
Describe user roles this tool supports

Supported Roles

  • N/A

Intergration in Organization activities

  • N/A

Interoperability with other tools
Specify available interfaces or other ways of integration with other tools


  • Import/Export: DataSheet (Excel), Databases (ODBC)

Sector adapted knowledge databases supported
Name and describe the sector adapted databases that this tool provides

  • N/A

Flexibility of tool's database
Can the database be customized and adapted to client requirements?

  • Questionnaires : Customize
  • RiskWatch IS database : Create new asset categories, threat categories, vulnerability categories, safeguards, question categories, and question sets.

We use cookies to ensure we give you the best browsing experience on our website. Find out more on how we use cookies and how you can change your settings.

Ok, I understand No, tell me more