Risk Acceptance

It is impossible to eliminate cyber security risk, so the question becomes one of risk acceptance. In order to accept risk, we need to understand risk and its context in relation to business outcomes. The more good information that we have on cyber risk status, the greater the chances of making correct decisions on risk acceptance. 

STREAM provides technology to capture, link, present and pivot cyber security information to increase the chance of good cyber security decisions.


  • Support for multiple configurable risk assessment schemes to meet varying requirements across different parts of the enterprise
  • Ability to compare risk against appetite across different parts of the enterprise
  • Ability to easily see all information which could influence the assessment and acceptance of risk, including:
    • Assets at risk and their business value
    • The performance of  controls
    • Related incidents
    • Open vulnerabilities, particularly those being ‘exploited in the wild’
    • Relevant threat intelligence
    • Overdue actions
    • Outstanding audit points
  • Ability to pivot on all of the above information, e.g. to see all assets that are exposed to risk as a result of weakness in a key control
  • Capture of decisions and supporting evidence for risk acceptance
  • Automatic scheduling of future risk acceptances



  • Higher likelihood of making the right choices around new opportunities, particularly in relation to digitalization
  • Increased agility to react to change
  • Fosters clear accountability for risk assessment across the enterprise

Onsite or web training needed?

Please contact us to discuss your requirements.