Identify Risk, Policies and Controls
The Challenge
Knowing how much to invest to manage IT risk and compliance liabilities is a major challenge for most organizations today. Just following regulatory compliance requirements and standard ISO controls does not mean the organization is spending enough to protect itself from threats unique to its industry or infrastructure. Every enterprise is unique. Risk is unique to the organization.
The Solution
Agiliance IT-GRC provides organizations with the most powerful, flexible, adaptable means of automating risk and compliance management techniques that objectively answer the questions:
- How much risk is too much?
- How much investment is enough to comply with regulations and mandates?
- How much leverage is possible from existing investments?
Only Agiliance IT-GRC enables risk management options along three key dimensions:
- Current State Operational IT Risk
- Past Risk Performance using Key Risk Indicators (KRIs)
- Potential Risk Threats using Enterprise Risk Management (ERM)
- Start with Risk to Identify Controls and Then Comply with Regulations
- Start with Compliance Regulations and Measure the Resulting Risk Levels
Policy Management and the Common Control Framework
Whether customers start with risk or compliance requirements to identify controls, Agiliance IT-GRC enables them to define their unique set of controls to be managed continuously over time. Controls can be defined for specific standards, regulations or mandates, or they can be defined as new assets are identified.
The Agiliance Common Control Framework Conceptual Summary
Benefits of Risk and Compliance Management Automation
The combination of Agiliance IT-GRC's powerful risk management features with the Common Control Framework dramatically lowers audit costs, by up to 70% to 80% for most organizations. The payback is immediate and typically measured in days or weeks, not months.
The dramatic savings and efficiencies of automating basic risk management techniques as applied to compliance management and control testing include:
- Provides executive managers with ROI calculations of investment spend in controls in relation to perceived risks and compliance requirements
- Enables teams to “test once, comply to many regulations”
- Allows for migration to a single set of controls over time, not all at once
- Eliminates overlaps in application of similar controls used for different regulations
- Enables utilization of custom controls as needed
- Enables testing of only those controls that matter, such as high-criticality assets, or for specific business units
