MetricStream IT GRC Solutions Witness Rapid Adoption as Companies
Seek to Integrate Bottom-Up IT Control Processes with Top-Down Risk
Intelligence
PALO ALTO, Calif., Dec. 13, 2012 /PRNewswire/ -- In today's
increasingly virtualized, mobile, and cloudy world, Chief
Information Officers (CIOs) and Chief Information Security Officers
(CISOs) are confronted with complex challenges around information
security, big data management, and compliance with regulations such
as SOX, PCI DSS, HIPAA, NERC, FISMA, and ISO 27001. The traditional
approach of managing these requirements in multiple silos and
systems is not only inefficient and expensive, but also leads to
redundancies and conflicts. Today, organizations seek to
rationalize and harmonize their IT GRC processes, while also
providing top-level visibility into enterprise IT risk and
compliance data that can help determine areas of concern, and
enable management to make quick, actionable decisions based on
sound data points.
MetricStream provides a comprehensive suite of IT GRC solutions
that aggregate and unify IT risk and information security and
compliance data from across the hyper-extended enterprise. The
solutions also help add business context to the data, as well as
provide strong analytics capabilities to support mature,
risk-oriented security programs.
The MetricStream solutions integrate with various applications –
such as those for identity management, asset management, Security
Information and Event Management (SIEM), threat and vulnerability
assessment, intrusion detection and prevention, and security feeds
– to consolidate data related to information security, and
technology risks. Powerful dashboards present a real-time,
top-level view of this information. The solution also facilitates a
robust workflow-based approach to IT audit management and
remediation management.
MetricStream IT GRC Solutions were recently reviewed by IDC, a
leading provider of global IT research and advice, in its report -
"MetricStream: Comprehensive Solutions for IT Governance,
Risk, and Compliance[1]." The report highlights
MetricStream's "strong intellectual property (IP) portfolio around
GRC," its "strong portfolio of IT GRC products that address
end-to-end customer requirements," and its "strong partnership with
various technology vendors in the security, smart grid, network
management, operations, and asset management spaces." The report
also highlights MetricStream's "strong IT GRC capabilities around
cloud and virtualized environments."
Mayur Sahni, Research Manager,
Services at IDC Asia/Pacific says, "Compliance requirements today
are non-negotiable, and it's imperative for enterprises to
implement a structured, organization-wide approach to IT GRC.
MetricStream has a broad set of technologies not only to enforce
and implement IT controls, but also to collect and harvest the
information required to manage risk and demonstrate
governance."
MetricStream IT GRC solutions provide integration capabilities
for IT security, cloud, infrastructure, General Computer Controls
(GCC), and business application controls. It simplifies compliance
across IT regulations, standards, and frameworks by supporting
automated monitoring and reporting of IT risk and control
effectiveness and provides comprehensive content for meeting
compliance challenges, including over 5,000+ IT control statements
from over 800+ authority documents through a partnership with UCF,
which helps organizations harmonize on the smallest possible set of
IT controls to meet all their compliance requirements. The
solutions also provide robust IT audit management capabilities,
streamlines the IT audit and compliance process, and enable
multiple stakeholders to gain visibility into the status of these
processes and their results. IT control or compliance issues that
arise are automatically routed through a systematic process of
investigation and remediation.
With MetricStream's acquisition of vPanorama cloud GRC
technology from TBD Networks, the company is able to provide
solutions that allow its customers to seamlessly manage risks,
regulatory compliance challenges, privacy requirements, security
threats, and performance metrics across the cloud & virtualized
infrastructure. The technology has augmented MetricStream's IT GRC
solutions by providing granular visibility and control over
security configuration assessments, continuous controls monitoring,
risk management, and threat and vulnerability management. It helps
minimize inefficiencies, while enhancing the reliability and
performance of the cloud infrastructure.
MetricStream's robust functionality has attracted marquee
customers across industry segments, which include some of the
largest and most respected companies in social media and Internet
information, banking and financial services, healthcare,
manufacturing, energy, and retail.
"IT organizations have focused solely on a bottom-up approach so
far – implementing granular IT controls based on vulnerability
scans, patch, and configuration control data. This approach results
in a lot of data but little actionable intelligence," said
Vasant Balasubramanian, Vice
President of Product Management at MetricStream. "MetricStream
combines bottom-up data with a top-down approach and over-arching
analytics that correlate information risk, security, compliance,
and business issues to provide actionable risk intelligence.
Furthermore, with MetricStream's recent acquisition of vPanorama
technology, we provide the unique capability of bringing top-down
risk intelligence and IT GRC controls to the cloud. We also help
enhance business value by closely aligning IT investments with
organizational strategy and corporate objectives."
[1] IDC, MetricStream: Comprehensive Solutions for IT
Governance, Risk, and Compliance, Doc #IN2672604U, July 2012
About MetricStream
MetricStream is a market leader in Enterprise-wide Governance,
Risk, Compliance (GRC) and Quality Management Solutions for global
corporations. MetricStream solutions are used by leading
corporations such as UBS, P&G, Constellation Energy, Pfizer,
Philips, BAE Systems, Twitter, SanDisk, Cummins and Sonic
Automotive in diverse industries such as Financial Services,
Healthcare, Life Sciences, Energy and Utilities, Food, Retail, CPG,
Government, Hi-tech and Manufacturing to manage their risk
management, quality processes, regulatory and industry-mandated
compliance and corporate governance initiatives, as well as several
million compliance professionals worldwide via the
www.ComplianceOnline.com portal. MetricStream is headquartered in
Palo Alto, California and can be
reached at www.metricstream.com.
Media contact:
Mr. Vinay
Bapna
pr@metricstream.com
650-620-2955
This press release was issued through eReleases® Press Release
Distribution. For more information, visit
http://www.ereleases.com.
SOURCE MetricStream