Unified Risk Assessment Framework
Risk Tracker
Assessing, Prioritizing, and Mitigating Risks
Cisco’s Security & Trust organization informs internal Cisco product teams about the scope of risks and requirements, and the potential security compliance impacts upon shipping their product.
I was tasked with designing an internal risk management tool that helps Cisco offer teams assess their product specifications, displays relevant risks, and allows for mitigation of security requirements through uploading documentation, assigning team members, and auditing – both as an asynchronous and a security-architect-led experience.
This project has led to improvements in the Cisco Secure Development Lifecycle workflow and feature improvements across various compliance checkpoints, including security business and federal mandates.
PROBLEM
How might we inform offer teams about internal and federal security risks and the requirements for mitigation, and enable greater efficiency for their product ship date?