Governance, Risk and Compliance (GRC) Solutions - Continuous Compliance

By: Agiliance  09-12-2011
Keywords: Regulatory Compliance


Regulatory compliance is dynamic and costly, and checking the box is no longer an option. Periodic audit approaches to compliance leave organizations exposed, because failed controls go undetected and uncorrected between audit cycles. Compliance mandates are global and require disclosure by law when breaches do occur. No single group within the organization is responsible for its success or failure, so a continuous approach to managing and monitoring compliance is necessary to meet ever-changing global compliance requirements and to make the results usable for risk management.


RiskVision creates a repeatable, sustainable compliance program by mapping controls to multiple regulations, standards and processes, including SOX, PCI, ISO, NIST, FFIEC, NERC, HIPAA and FISMA, enabling a "test-once and comply-to-many" status. RiskVision centralizes data in a common control framework where redundancy is eliminated and control objectives for multiple regulations are normalized. Companies avoid audit fatigue and achieve continuous compliance through closed-loop automation. RiskVision provides out-of-the-box integration with CMDBs, automatically maps required controls to assets, and dynamically determines asset classification based on asset attributes and configuration. Automated control testing is achieved by importing results from connectors to a wide range of security and IT management tools. RiskVision combines technical control testing and self-assessments for integrated continuous compliance automation.


    Other products and services from Agiliance


    Governance, Risk and Compliance (GRC) Solutions - Privacy Impact Assessment

    Forty-six states, including the District of Columbia, Puerto Rico, and the Virgin Islands, have all enacted breach notification laws.


    Governance, Risk and Compliance (GRC) Solutions - Breach Management

    When a breach is reported, an organization needs to ensure that proper incident management procedures are followed, the right stakeholders are alerted and actively involved, documentation is captured throughout the investigation, and remediation processes are followed so that proper reporting and documentation are completed post-mortem.


    Governance, Risk and Compliance (GRC) Solutions - Business Policy Management

    RiskVision supports full policy lifecycle management, including a policy repository for collaborative authoring and review/approval, with unique policy workflow assignments for authoring, review, approval, and distribution. By having a common set of organizational policies approved by the Board, organizations have a business policy framework that is followed by all employees, minimizing enterprise risk while complying with regulations.


    Governance, Risk and Compliance (GRC) Solutions - Project Risk Management

    RiskVision makes it simple to collaborate among program offices, project teams, architecture, security and standards review boards, operations, procurement, finance, and management. In case exceptions are required, RiskVision manages the full exception lifecycle, including request, risk assessment, initial approval, and subsequent periodic re-approval.


    Governance, Risk and Compliance (GRC) Solutions - Actionable Risk

    RiskVision provides risk visibility that is role-specific, homing in on the right information for the right user, ranging from giving executives a universal risk view to presenting detailed analysis for operational analysts. Highly publicized examples of organizations with poor risk management are all over the news, including well-known companies in the financial services, energy, automotive, healthcare, and retail industries.


    Governance, Risk and Compliance (GRC) Solutions - Integrated GRC Applications

    RiskVision is the most proven GRC automation technology, with existing production environments with more than 140,000 users, more than 130,000 continuously monitored assets, and over 100 million technical checks performed weekly. RiskVision applications are scalable on a J2EE platform with open interfaces, and are designed from the ground up to form a GRC automation platform, compared to consulting tools that have slowly evolved over time.