About Agiliance
Leader in IT Governance, Risk and Compliance (IT GRC) Management
Agiliance is first to deliver an integrated platform to manage the interdependent disciplines of IT Governance, Risk and Compliance .
Agiliance enhances IT Governance by helping IT support the organization’s strategic goals, define and manage security policies, measure and manage IT risk, lower compliance costs, and achieve and maintain sustainable compliance with industry mandates, government regulations and internal policies.
Agiliance metrics provide full visibility into an organization’s risk and compliance status and trends. It enables more informed executive decision making, better management oversight and increased accountability.
Enabling Risk-Based Policy Management and Executive Decision Making
The Agiliance IT-GRC™ platform leverages an integrated architecture for risk, security and compliance management to calculate and reports risk and compliance scores for any asset and any group.
High-level executive dashboards and reports ensure instant visibility into the current and past risk and compliance status of divisions, business units, geographies and of the organization as a whole.
Agiliance's standards-based risk assessment methodology and risk analysis engine quantifies security risk for all assets and business processes and links risk to policies, controls and the threat environment. Control failures translate into an increased risk score for affected and related assets and the business processes that depend on them.
High-level risk scores empower management to make better decisions, define and manage control objectives and policies, and track risk levels against set tolerances. They help business process owners be more accountable by enabling them to focus mitigation efforts on risks and processes that matter most to the business.
Cost-Effective Multi-Regulatory Compliance
Deploying the Agiliance IT-GRC platform can dramatically reduce the cost of achieving and maintaining compliance for organizations that are subject to many regulations and industry mandates.
Agiliance is helping companies which still use a tactical, silo-based approach to multi-regulatory compliance, transition to a holistic risk-based compliance strategy that implements a common controls and policy set based on standard frameworks such as ISO 1799/27001, COBIT, NIST or FFIEC. The benefits are the elimination of many overlapping controls, reduced complexity, increased controls reliability, better business performance, and of course, measurably lower compliance costs. In simple compliance terms it means: test once, certify many. Leading analyst firm Gartner reports that this approach results in a 30 to 70 percent reduction in the number of controls and related compliance costs.
Sustained, Continuous Compliance Through Automation
In sharp contrast to general purpose GRC platforms which rely exclusively on self-assessment surveys to test controls, Agiliance IT-GRC lets users fully leverage the power of IT automation. While some controls that can only be tested through periodic self-assessments, the configuration management and compliance monitoring of most IT assets can be fully automated.
Agiliance IT-GRC supports the automated deployment, control and monitoring of controls for IT assets. No agent is required on monitored hosts.
Automation not only eliminates the cost and time burden inherent to manual controls, it ushers in continuous, low-cost, sustainable compliance.
Only Agiliance integrates both survey-based and automated test mechanisms in calculating risk and compliance scores, which are thus inherently more accurate.
Broad Regulatory Coverage
Agiliance ships with an extensive best-practices library of policies and controls mapped to the major standards-based frameworks and to all key government regulations (e.g. Sarbanes-Oxley 404, HIPAA, GLBA and FISMA) and industry mandates (e.g., SAS 70 and PCI). Agiliance specialists maintain this library and regularly incorporate changes to existing regulations as well a new regulations. Customers who choose standards-based policies will experience the lowest cost impact when regulations evolve or when they become subject to additional regulations and mandates.
Enterprise Integration
The Agiliance IT-GRC platform is an open system designed to integrate with existing IT infrastructures.
Using standard interfaces and specialized “connectors”, Agiliance integrates vulnerability and security information from tools already deployed. It can leverage customers’ existing investments in specialized or broader policy, risk, compliance or configuration management tools.
Seasoned Team
Headquartered in San Jose, California, Agiliance was founded and is managed by a seasoned team with deep expertise in security and compliance and a track record of success in bringing to market innovative enterprise software solutions.