eGestalt Technologies SecureGRC Enterprise

Powered by SC Magazine
 

SecureGRC is a cloud-based automated IT security and compliance management solution.

 

SecureGRC supports both a security centric and full blown IT-GRC platform. The offering comes complete with an easy-to-use compliance-management framework, context-based inference engines, alert processing and easy-to-use logging and monitoring solution. The tool features easy-to-adopt and ready-to-use compliance management frameworks, as well as context-based inference engines. In addition, SecureGRC features alert processing along with logging and monitoring capabilities.

Available in Enterprise and SB (small business) editions, SecureGRC is a cloud-based, SaaS-delivered security and risk assessment, auditing and remediation application. It is generally sold through its reseller channels. All data is stored in a SaS 70 Type II secure data center and no electronic record information is removed from a client site.

SecureGRC contains ready-to-use compliance control kits for PCI-DSS 1.2, ISO 27001/27002, COBIT, Sarbanes Oxley, HIPAA/HITECH, Gramm-Leach-Bliley Act, and other country-specific frameworks. 

The tool provides real-time status on the current state of security and compliance and then offers a checklist of questions that guides the process along, asking for proof of documentation to fulfill the compliance request.

No prior knowledge of any particular compliance regulation is necessary in order to use SecureGRC. As a hosted solution, the interface is a web browser. Older browsers are not supported. The user interface is fairly easy to decipher with pull-down selections for customized assessments, controls, risk ratings and more. Users simply follow the application's list of instructions, upload the required documents and the system in the end will generate a report that can be presented to auditors to prove compliance. There is a substantial amount of prepopulated content around the regulatory and compliance standards listed above. Setup requires one to establish user accounts and provision them based on required levels of access. One then selects the templates needed for creating assessments from the list, customizes as necessary and publishes the assessment. Emails are sent to the users with their credentials for accessing the assessment questions.

There is a closed-loop review process where the auditor can ask for additional information to complete the assessment. Once this process finishes, the compliance reports are generated. One doesn't have to be highly technical to use the tool. There is a sensible knowledge base built in that dynamically displays key information relating to the areas one is clicking on.

Documentation is built into the product with a series of drill-down mouse clicks to get to help-related information on a specific topic. Support is delivered via channel partners so fees will vary. If the next version can add in asset management and IT risk correlation, this would be a great product to look at if you are looking for a hosted GRC solution.

Copyright © SC Magazine, US edition


eGestalt Technologies SecureGRC Enterprise
 
:
Overall Rating
Verdict:
Easy to buy, use and manage for questionnaire-driven risk assessments.
Product Info
Supplier:
 
 
 
 
Top Stories
NSW Govt gets ready to throw out the floppy disks
[Opinion] Dominic Perrottet says its time for government to catch up.
 
iiNet facing new copyright battle with Hollywood
Fighting to protect customer details.
 
The CISO’s dilemma: Do you trust your partner’s partner?
[Blog post] How far down the chain do you check?
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  25%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  22%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  26%
TOTAL VOTES: 309

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  58%
 
No
  42%
TOTAL VOTES: 118

Vote