Agiliance weaves together governance, compliance, and security management

IT governance involves measuring risk, taking appropriate security measures, and reassessing both risk and security at regular intervals. It's a difficult job made harder by the fact that these processes are typically managed separately. A new solution from a Silicon Valley startup called Agiliance brings them all together. Agiliance takes on risk management, compliance, and auditing, creating a single place to

IT governance involves measuring risk, taking appropriate security measures, and reassessing both risk and security at regular intervals. It's a difficult job made harder by the fact that these processes are typically managed separately. A new solution from a Silicon Valley startup called Agiliance brings them all together.

Agiliance takes on risk management, compliance, and auditing, creating a single place to view your organization's stance on all of these previously separate information silos. Agiliance IT-GRC pulls in risk and vulnerability assessment data from sources including nCircle, Foundstone, Nessus, and ArcSight, and even incorporates access control policies with information from Microsoft Active Directory and CA SiteMinder. Stakeholders then use this information to assess the level of risk to their data, as well as to their hardware and software assets.

Agiliance provides a variety of survey templates and questionnaires to query business users about how they are using information assets and the importance of the business processes that those assets serve. These risk and value factors are then mapped to compliance policy templates to help you identify where deficiencies exist in relation to regulatory compliance requirements and to your organization's overall security policies and standards. Dashboards and reports help you monitor your success in meeting specific security and compliance goals.

For example, this dashboard provides information on assets and risks for a specific Finance group (click the image for a closer view):

AgilianceDashboardSm.gif

The process that Agiliance IT-GRC guides you through is more complex than I've described here, but the end result is a unified dashboard that graphically displays your organization's overall security risk and compliance status. And because the Agiliance solution creates a feedback loop that measures current security posture and standards compliance against previous levels, it's easy to track progress over time.

Agiliance IT-GRC

Available: Now

Pricing: Pricing is based on factors such as number of compliance packs, number of assets, and number of connectors for integration with external data sources. Customers can get started with one compliance pack or risk management pack for a group of 100 assets for as little as $50,000 for a one-year subscription.

Summary: Agiliance's automated processes will ease the collection of risk and value information from business users and vulnerability data from security information systems, reducing the manual effort involved in tracking your organization's security stance. This solution can help you manage risks and vulnerabilities while increasing security awareness and measuring compliance with existing standards.

Copyright © 2007 IDG Communications, Inc.

How to choose a low-code development platform