CYSM RISK ASSESSMENT TOOLKIT PROCEDURES I David Calduch Project Manager Port planning and Development Dept. VALENCIAPORT FOUNDATION

1.CYSM RISK MANAGEMENT PROCEDURE. 2.ADMINISTRATIVE FUNCTIONS AND PROCEDURES. 3.MANAGEMENT FUNCTIONS AND PROCEDURES 4.RISK ASSESSMENT FUNCTIONS AND PROCEDURES

1. CYSM RISK MANAGEMENT PROCEDURE

What is CYSM Platform? Users categories: Administrator Risk Assessment Administration General users. Type of users Information Security Officer Managers of Departments Employees of Departments 1. CYSM Risk Management Procedure

Risk Assessment Administration 1. CYSM Risk Management Procedure Administrator Organizational Calendar Management Configure Organization Structure Configure Risk Assessment Elements

2. ADMINISTRATIVE FUNCTIONS AND PROCEDURES

Administrator Organizational Calendar Management Configure Organization Structure Configure Risk Assessment Elements 2. Administrative Functions and Procedures

8 Organizational Calendar Management Main Options Add New Risk Assessment View Completed Risk Assessments Apply Standards Invite Involved Departments Define applied Sections (ISO27001) Define Level of appliance (ISPS) Define applied Subsections Next Slide 1 st Level Activities 2 nd Level Activities Statement of Applicability 2. Administrative Functions and Procedures

9 Organizational Calendar Management Main Options Add New Risk Assessment View Completed Risk Assessments Apply Standards Invite Involved Departments Previous Slide Definition Departments / Third Parties (names) Applied Managers (names) Applied Employees (names) 1 st Level Activities 2 nd Level Activities Organizational CHART 2. Administrative Functions and Procedures

Administrator Organizational Calendar Management Configure Organization Structure Configure Risk Assessment Elements 2. Administrative Functions and Procedures

Configure Organizational Structure Main Options Configure Internal Departments Configure Third Trusted Parties Add / Edit / Delete Entities (Deps & TTPs) Entity Configuration Entity – (Sub)Section Relation Weight of Entity on (Sub)Section Add / Edit / Delete Entity Managers Add / Edit / Delete Entity Employees Weight of Personnel on (Sub)Section 1 st Level Activities 2 nd Level Activities View

Administrator Organizational Calendar Management Configure Organization Structure Configure Risk Assessment Elements 2. Administrative Functions and Procedures

Configure Risk Assessment Elements Main Options (Configure Assets)* Configure Vulnerabilities Configure AllView Map Assets to Assets’ Categories Map list of Vulnerabilities to Threats 1 st Level Activities 2 nd Level Activities Configure Threats Configure Countermeasures Configure Assets’ Categories Add / Edit / Delete Map Threats to Standard (Sub)Sections* Map Vulnerabilities to Standard (Sub)Sections* Map Countermeasures to Standard (Sub)Sections* Define a Scale of appliance on Countermeasure Map list of Threats to Assets’ Categories Map list of Countermeasures to Vulnerabilities

CYSM RISK ASSESSMENT TOOLKIT PROCEDURES I David Calduch Project Manager Port planning and Development Dept. VALENCIAPORT FOUNDATION