36 lines
No EOL
1.7 KiB
Markdown
36 lines
No EOL
1.7 KiB
Markdown
AI-enabled tooling to guide and advise employees in different roles in the organization.
|
|
|
|
Examples:
|
|
|
|
**Risk analysis**
|
|
- C-level: high level policies state that we analyse risks and identify mitigating measures when starting a new project
|
|
- Policy_Agent drafts a context specific policy based on best practices
|
|
- Project manager:
|
|
- Risk_Agent provides an overview of the steps to be taken, who to involve in what way (based on stakeholder analyses, creating a RASCI matrix) and guides the project manager through gathering the data. Maybe even plan meetings and send out invites.
|
|
- Integrate with project management and GRC software
|
|
|
|
**Vendor selection**
|
|
- C-level: high level policies state the security requirements for vendors and applications
|
|
- Policy_Agent drafts a context specific policy based on best practices
|
|
- VendorQ_agent creates questionnaires to send out to a selection of vendors
|
|
- Q_Comparison_agent compares the returned questionnaires with the requirements and creates a table comparing the vendors
|
|
|
|
**Data classification**
|
|
1. questionnaire on how employees would classify different kinds of documents
|
|
2. a classification matrix is suggested based on the results
|
|
3. once the policy is established, this serves as a metric on how the perception of different groups of employees differs from the norm
|
|
4. develop interventions based on these differences
|
|
|
|
**Threat analysis**
|
|
- do a threat analysis, see [Create a threat analysis chatbot](../../Corpus/💡Drafts%20and%20Ideas/Controls/Create%20a%20threat%20analysis%20chatbot.md)
|
|
|
|
|
|
**Policy drafting**
|
|
|
|
**Auditing**
|
|
- a virtual auditor, that interviews you, and identifies areas for improvement
|
|
|
|
**Feed the bot**
|
|
- Blokdyk content
|
|
- NHC cases
|
|
|