Products


“We are looking to Agiliance to raise the quality of our risk assessments while reducing the time and cost needed to complete them.”
E. Moskowitz
Corporate Information Security
State Street Corporation

<

The Agiliance IT-GRC Engine: How it works

The Agiliance IT-GRC 3.0 engine powers a risk and compliance management platform with the ability to scale to hundreds of thousands of assets using:

  • Agiliance Connectors and the Open Connector Architecture providing automated, agentless data gathering from and bi-directional communication with the widest range network security and change management sources in the industry including scanners, SIM/SEMs, directories, CMDBs, Identify Management systems, Segregation of Duty, and other systems.

  • Agiliance E-Survey Engine for conducting risk and compliance assessments both inside and outside the organization
  • The Agiliance Managed Asset Repository storing all monitored assets including IT servers, applications, processes, vendors/partners, or other elements of business operations as needed, provides automated reconciliation of data gathered from E-Surveys and Agiliance Connectors.

  • Agiliance Common Control Framework – providing automated mapping of every major regulatory and mandate requirement for standard and custom controls, encompassing  the widest available set of regulations (SOX, HIPAA, GLBA, FISMA, and others), industry mandates (PCI, SAS70, FFIEC, and others), and standard control frameworks (ISO17799/27002, NIST, COBIT, and others.)

  • The Agiliance Operation Risk Management Engine providing operational risk scoring of controls down to the sub-control level across all 10,000+ controls in the Common Control Framework.

The Agiliance IT-GRC Risk and Compliance Engine Overview

IT GRC 3.0 howitworks.jpg

Agiliance provides the most powerful custom dashboard capability in the industry to empower key functions in the organization:

  • IT Management and Executives: view status on risk for the entire organization, by division, business unit or other configuration; progress on assessment projects for various compliance or internal initiatives; ROI reports on how much investment is enough in controls, investment alternatives analysis in new technology or integration projects, or monitoring Key Risk Indicators (KRI) and the results of Enterprise Risk Management (ERM) threats and contingency plans.
  • IT Security professionals: view status on assessment surveys, participate in developing E-Survey risk assessment questionnaires, identify requisite controls, and provide recommendations on mitigation approaches to identified vulnerabilities and threats.
  • IT Risk professionals: take the lead in developing assessment questionnaires that provide asset criticality ratings for the range of possible survey responses as well as leveraging the powerful operational risk scoring, KRI, and ERM features enabled by Agiliance IT-GRC.
  • IT Compliance and Audit professionals: take the lead in utilizing Agiliance IT-GRC’s large report template collection to comply with external auditors and regulators as well as developing custom reports, without assistance from IT, for internal purposes.
IT Operations professionals: utilize Agiliance IT-GRC’s powerful ticketing engine to ensure that mitigation initiatives follow a closed-loop path from identification to remediation and compliance. These professionals also benefit from using standard controls wherever possible to achieve the greatest security, risk and compliance impact from budget and time expended.

 

 


Live Demo Sign Up
 
 
// Google Analytics tracking scripts // eTrigue tracking scripts // eloqua tracking scripts