ARAT most prominent advantage is reach, interrelated catalogue of asset, threats and vulnerabilities, which enables to assessor to reproduce the typical information security situation. Simply by selecting the information asset, its typical threats and vulnerabilities are used to auto generate the potential risk incidents.
ARAT main output is standard compliant »Risk Treatment Plan«. The Dashboard gives quick overview and detailed insight into problematic business processes, most risky assets and most effective actions.
Its modern and slick user interface enables intuitive work, with practically no learning curve. ARAT naturally guides the user through risk assessment process, yet enables him to select his own workflow.
ARAT is compliant with ISO/IEC 27001:2005 and uses ISO/IEC 27005:2008 recommended methodology. Its modular structure allows it to adapt other risk assessment methodologies as well.
ARAT as a cloud service enables the customer to start using ARAT services without any installation and setup hassle.
ARAT was build by Astec team, an ISO/IEC 27001:2005 certified organization,
- Which includes Certified Information Security experts
- Has rich experience in consulting and implementing ISO/IEC 27001:2005 standard