Get a Demo
Published November 22, 2021 • By Michael Maggio, CEO and CPO • Blog
Michael Maggio, Executive Vice President of Product, Reciprocity

Meet Risk Intellect

Reciprocity® Risk Intellect is a new risk-analysis tool that, when used with the Reciprocity ZenGRC® platform, provides insight on the impact your compliance programs have on your cyber risk posture. By mapping your current compliance control assessments to cyber risks, it provides immediate context and visibility into which cyber risks and controls offer the greatest opportunity for reducing risk.

Michael Maggio, EVP of Product at Reciprocity, sat down to tell us a bit more about Risk Intellect.

Why did you create Risk Intellect?

I regularly see organizations struggling to mature their cyber and IT risk management practices beyond conducting risk assessments. Therefore, I was looking for ways we could leverage our current customers’ investment in an easy and powerful way to bridge into risk. Working with my Product Management team, we realized we could leverage industry taxonomies, such as the Secure Control Framework (SCF) to give us the foundation for that bridge. This relationship was the genesis of what has become Risk Intellect.

What is unique about it?

Risk Intellect directly derives an initial risk register from the specific implementation of a compliance framework. It demonstrates the value of compliance in the context of how that framework works to reduce the overall risk of the business operation that the framework is targeting.

How does it work with Reciprocity ZenGRC?

Risk Intellect uses the control information collected from a specific compliance framework that our customers have completed and uses the relationships established between controls and risks within the SCF to produce a weighted risk register aligned with the seven risk categories within the SCF.

We then leveraged our GRC experts within Reciprocity to give each risk object within the register an inherent risk score, and based on the level of implementation of the related controls, calculated a residual risk score.

Our experts also provided target risk scores to provide a starting point in benchmarking their residual risk. We then allow the user to manipulate various attributes about each risk, such as the likelihood or severity of the risk specific to them to see the impact on the overall risk score.

Learn more about how Reciprocity ZenGRC and Risk Intellect can help you move from “check-the-box” compliance to compliance-driven cyber risk management.

Why sign up for the Risk Insiders newsletter?

To stay in the know! Get new blogs, resources, CPE opportunities, industry research & more — direct to your inbox.

Thank you for subscribing to the Risk Insiders newsletter!

Recommended

Image
Reciprocity Announces Launch of Risk Intellect
moving chess pieces around on a circuit board
ZenGRC Product Updates

Reciprocity Announces Launch of Risk Intellect

Read more
Image
What is Calculated Risk in Business?
businessman moving chess piece in digital data hologram ambience
Risk

What is Calculated Risk in Business?

Read more
Image
What a Cybersecurity Risk Management Process Entails
unrecognizable hacker wearing a black hoodie and standing with crossed arms. Abstract HUD and infographics background. Cybersecurity
Risk

What a Cybersecurity Risk Management Process Entails

Read more

Start Closing Control Gaps, Not Just Finding Them

Get a Demo