| Risk Asset Professional | |||||
| Feature Function | RAP | ||||
| Easy to use interface | √ | ||||
| A Structured approach and proven methodology | √ | ||||
| Customizable Weighting capability according to the importance of Assets | √ | ||||
| Risk scenarios completely customizable - Fit for purpose | √ | ||||
| Canned Threat Libraries - comes with ISO 27001 structure | √ | ||||
| Create own Threat Libraries | √ | ||||
| Automated Reporting - Threats, Vulnerabilities and Control level | √ | ||||
| Customizable Properties | √ | ||||
| Interactive report interface | √ | ||||
| Automates Statement of Apllicability (SoA) for ISO 27001 | √ | ||||
| Automates Risk Treatment Plans | √ | ||||
| Customizable CIA values | √ | ||||
| Monetary values if needed | √ | ||||
| Gap Analysis reports | √ | ||||
| Comparative Analysis | √ | ||||
| Customizable Impact values | √ | ||||
| Customizable Probability values | √ | ||||
| Customizable Vulnerability ratings | √ | ||||
| Prioritize Controls | √ | ||||
| Search capability | √ | ||||
| Direct interface into CAP Product | √ | ||||
| Import of own Logo for consistency with clients | √ | ||||
| User Manual | √ | ||||
| Retention Retrievable and Auditable | √ | ||||
| Assists in the management review process and in the Asset Risk process | √ | ||||
| Helps management understand assets values under their control and facilitates continual review | √ | ||||
| Export to CSV for easy reporting | √ | ||||
| Professional and Web versions available | √ | ||||
| Java Framework | √ | ||||
| Foreign Language Support | √ |