- The Financial Settings provide background information regarding the size and scale of the organization. A key element, especially for an assessment, that will identify gaps in controls is the "Dollars Scale." This section, based on the COSO risk framework, allows the entire team to get on the same page regarding what a one $ sign gap is vs. a $$$$$ gap.
- The Company Personality page has perhaps the most important communication tool within FutureFeed. Namely, the Risk Profile for the organization. For successful communication and decision-making the Risk Profile allows the team to settle on whether the organization is Risk Adverse, Risk Accepting or somewhere in-between. With that knowledge and a shared understanding, opportunities can be weighed against the organization's goals.
Typically, larger or more mature organizations are more risk-averse and willing to invest more in preventing "bad things" from happening. Smaller companies often choose to invest more in innovation over compliance and are willing to accept greater risks. There is not a "right way" only the importance that everyone is on the same page.
- The One-Click Budget will be empty when FutureFeed is first set up. However, part of the assessment process is to define the list of tools and services employed by the organization (we need it to understand the security surrounding those items). Optionally, the organization may choose to define four fields for each tool or service:
- Licensing/Technology Costs/month
- Support Contract Costs/month
- Internal Labor Costs/month
- External Labor Costs/month
By estimating these costs for each item a reasonably accurate IT budget comes together missing only administrative time and costs. If a quick-budget is needed for decision-making, this optional element utilizes the work done in the assessment for efficient management decision-making.
Please sign in to leave a comment.