The information governance research community Truth to Power today unveiled the Control & Risk Calculator (CRC), a free online tool for compliance, risk, and audit management. The tool is available at http://www.t2pa.com/crc.
The Control & Risk Calculator supports business efforts to improve internal controls related to information security and privacy, business process management, data management, e-discovery, business continuity, change management, and other information-intensive processes. Effective execution of these controls is critical to meeting both business performance goals and compliance obligations.
Incorporating user inputs and key principles from widely accepted audit, information governance, and risk management standards, the CRC rates factors from control strength to residual-risk severity. These calculations culminate in simple risk-based action recommendations. As a general risk management support tool, the CRC can be used to:
- Record and track existing information controls
- Assess the effectiveness of controls against recognized risk
- Expose gaps in compliance and information governance
- Evaluate the impact of operational and environmental changes on control effectiveness
- Prioritize information governance efforts based on current control conditions