With this widget, IriusRisk users can see in advance what are the related work that can mitigate most of the security issues, taking the advantage of the learning or doing them at the same time. Also, they can discover the impact of similar work on different models or components in the same model.
This way, users can see what countermeasures of the similar bucket have been marked as required in one model but are still as recommended in others, and also can see how many are already implemented and what are similar remaining to implement.
Which countermeasures are not taken into account?
The countermeasure with no REQUIRED or RECOMMENDED instances will not be included. That means that the countermeasures that are all REJECTED or are all IMPLEMENTED will not be included because we are interested only in those that the user is able to select and pass from REQUIRED state to IMPLEMENTED, or from RECOMMENDED to REQUIRED (or REJECTED)
It is not included the countermeasures out of the user visibility and the project versions.
Please sign in to leave a comment.