Enterprise Integrity Content Generation and Utilization
First Claim
1. A computer program product, tangibly embodied in an information carrier, for a knowledge processing system, the computer program product being operable to cause data processing apparatus to:
- receive asset data representing a set of assets, the asset data including a respective value for each asset in the set of assets having a value;
receive threat data representing a set of threats;
each threat in the set of threats potentially reducing the value of one or more of the assets in the set of assets;
receive requirements data representing one or more requirements, wherein each requirement requires compliance with a regulation and a failure to satisfy the requirement constitutes a threat additional to the set of threats;
receive measures data representing a set of measures;
each measure in the set of measures protecting the value of one or more assets from the additional one or more threats of failing to satisfy the one or more requirements; and
calculate a current status using the measures data and the requirements data based on a level of compliance with the requirements, the level of compliance determined by the measures and the additional one or more threats to one or more assets represented by the measures data and the requirements data.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods and apparatus, including computer program products, for risk assessment and analysis. In one general aspect, asset data representing a set of assets is received. Threat data representing a set of threats is received. Requirements data representing one or more requirements is received, wherein each requirement requires compliance with a regulation and a failure to satisfy the requirement constitutes a threat additional to the set of threats. Measures data representing a set of measures is received. A current status is calculated using the measures data and the requirements data based on a level of compliance with the requirements, the level of compliance determined by the measures and the additional one or more threats to one or more assets represented by the measures data and the requirements data.
79 Citations
22 Claims
-
1. A computer program product, tangibly embodied in an information carrier, for a knowledge processing system, the computer program product being operable to cause data processing apparatus to:
-
receive asset data representing a set of assets, the asset data including a respective value for each asset in the set of assets having a value; receive threat data representing a set of threats;
each threat in the set of threats potentially reducing the value of one or more of the assets in the set of assets;receive requirements data representing one or more requirements, wherein each requirement requires compliance with a regulation and a failure to satisfy the requirement constitutes a threat additional to the set of threats; receive measures data representing a set of measures;
each measure in the set of measures protecting the value of one or more assets from the additional one or more threats of failing to satisfy the one or more requirements; andcalculate a current status using the measures data and the requirements data based on a level of compliance with the requirements, the level of compliance determined by the measures and the additional one or more threats to one or more assets represented by the measures data and the requirements data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A computer program product, tangibly embodied in an information carrier, for a knowledge processing system, the computer program product being operable to cause data processing apparatus to:
-
receive user input defining specific threat triggers; receive user input defining a generic threat trigger corresponding to the specific threat triggers; and receive user input defining specific means by which the generic threat could be carried out. - View Dependent Claims (12)
-
-
13. A computer-implemented method comprising:
-
receiving asset data representing a set of assets, the asset data including a respective value for each asset in the set of assets having a value; receiving threat data representing a set of threats;
each threat in the set of threats potentially reducing the value of one or more of the assets in the set of assets;receiving requirements data representing one or more requirements, wherein each requirement requires compliance with a regulation and a failure to satisfy the requirement constitutes a threat additional to the set of threats; receiving measures data representing a set of measures;
each measure in the set of measures protecting the value of one or more assets from the additional one or more threats of failing to satisfy the one or more requirements; andcalculating a current status using the measures data and the requirements data based on a level of compliance with the requirements, the level of compliance determined by the measures and the additional one or more threats to one or more assets represented by the measures data and the requirements data. - View Dependent Claims (14, 15, 16, 17)
-
-
18. A system comprising:
-
means for receiving asset data representing a set of assets, the asset data including a respective value for each asset in the set of assets having a value; means for receiving threat data representing a set of threats;
each threat in the set of threats potentially reducing the value of one or more of the assets in the set of assets;means for receiving requirements data representing one or more requirements, wherein each requirement requires compliance with a regulation and a failure to satisfy the requirement constitutes a threat additional to the set of threats; means for receiving measures data representing a set of measures;
each measure in the set of measures protecting the value of one or more assets from the additional one or more threats of failing to satisfy the one or more requirements; andmeans for calculating a current status using the measures data and the requirements data based on a level of compliance with the requirements, the level of compliance determined by the measures and the additional one or more threats to one or more assets represented by the measures data and the requirements data. - View Dependent Claims (19, 20, 21, 22)
-
Specification