eGestalt Technologies SecureGRC Enterprise

Powered by SC Magazine
 

SecureGRC is a cloud-based automated IT security and compliance management solution.

 

SecureGRC supports both a security centric and full blown IT-GRC platform. The offering comes complete with an easy-to-use compliance-management framework, context-based inference engines, alert processing and easy-to-use logging and monitoring solution. The tool features easy-to-adopt and ready-to-use compliance management frameworks, as well as context-based inference engines. In addition, SecureGRC features alert processing along with logging and monitoring capabilities.

Available in Enterprise and SB (small business) editions, SecureGRC is a cloud-based, SaaS-delivered security and risk assessment, auditing and remediation application. It is generally sold through its reseller channels. All data is stored in a SaS 70 Type II secure data center and no electronic record information is removed from a client site.

SecureGRC contains ready-to-use compliance control kits for PCI-DSS 1.2, ISO 27001/27002, COBIT, Sarbanes Oxley, HIPAA/HITECH, Gramm-Leach-Bliley Act, and other country-specific frameworks. 

The tool provides real-time status on the current state of security and compliance and then offers a checklist of questions that guides the process along, asking for proof of documentation to fulfill the compliance request.

No prior knowledge of any particular compliance regulation is necessary in order to use SecureGRC. As a hosted solution, the interface is a web browser. Older browsers are not supported. The user interface is fairly easy to decipher with pull-down selections for customized assessments, controls, risk ratings and more. Users simply follow the application's list of instructions, upload the required documents and the system in the end will generate a report that can be presented to auditors to prove compliance. There is a substantial amount of prepopulated content around the regulatory and compliance standards listed above. Setup requires one to establish user accounts and provision them based on required levels of access. One then selects the templates needed for creating assessments from the list, customizes as necessary and publishes the assessment. Emails are sent to the users with their credentials for accessing the assessment questions.

There is a closed-loop review process where the auditor can ask for additional information to complete the assessment. Once this process finishes, the compliance reports are generated. One doesn't have to be highly technical to use the tool. There is a sensible knowledge base built in that dynamically displays key information relating to the areas one is clicking on.

Documentation is built into the product with a series of drill-down mouse clicks to get to help-related information on a specific topic. Support is delivered via channel partners so fees will vary. If the next version can add in asset management and IT risk correlation, this would be a great product to look at if you are looking for a hosted GRC solution.

Copyright © SC Magazine, US edition


eGestalt Technologies SecureGRC Enterprise
 
:
Overall Rating
Verdict:
Easy to buy, use and manage for questionnaire-driven risk assessments.
Product Info
Supplier:
 
 
 
 
Top Stories
Frugality as a service: the Amazon story
Behind the scenes, Amazon Web Services is one lean machine.
 
Negotiating with the cloud email megavendors
[Blog post] Lessons from Woolworths’ mammoth migration.
 
Qld govt to move up to 149k staff onto Office 365
Australia's largest deployment, outside of the universities.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...

Latest VideosSee all videos »

The great data centre opportunity on Australia's doorstep
The great data centre opportunity on Australia's doorstep
Scott Noteboom, CEO of LitBit speaking at The Australian Data Centre Strategy Summit 2014 in the Gold Coast, Queensland, Australia. http://bit.ly/1qpxVfV Scott Noteboom is a data centre engineer who led builds for Apple and Yahoo in the earliest days of the cloud, and who now eyes Asia as the next big opportunity. Read more: http://www.itnews.com.au/News/372482,how-do-we-serve-three-billion-new-internet-users.aspx#ixzz2yNLmMG5C
Interview: Karl Maftoum, CIO, ACMA
Interview: Karl Maftoum, CIO, ACMA
To COTS or not to COTS? iTnews asks Karl Maftoum, CIO of the ACMA, at the CIO Strategy Summit.
Susan Sly: What is the Role of the CIO?
Susan Sly: What is the Role of the CIO?
AEMO chief information officer Susan Sly calls for more collaboration among Australia's technology leaders at the CIO Strategy Summit.
Meet the 2014 Finance CIO of the Year
Meet the 2014 Finance CIO of the Year
Credit Union Australia's David Gee awarded Finance CIO of the Year at the iTnews Benchmark Awards.
Meet the 2014 Retail CIO of the Year
Meet the 2014 Retail CIO of the Year
Damon Rees named Retail CIO of the Year at the iTnews Benchmark Awards for his work at Woolworths.
Robyn Elliott named the 2014 Utilities CIO of the Year
Robyn Elliott named the 2014 Utilities CIO of the Year
Acting Foxtel CIO David Marks accepts an iTnews Benchmark Award on behalf of Robyn Elliott.
Meet the 2014 Industrial CIO of the Year
Meet the 2014 Industrial CIO of the Year
Sanjay Mehta named Industrial CIO of the Year at the iTnews Benchmark Awards for his work at ConocoPhillips.
Meet the 2014 Healthcare CIO of the Year
Meet the 2014 Healthcare CIO of the Year
Greg Wells named Healthcare CIO of the Year at the iTnews Benchmark Awards for his work at NSW Health.
Meet the 2014 Education CIO of the Year
Meet the 2014 Education CIO of the Year
William Confalonieri named Healthcare CIO of the Year at the iTnews Benchmark Awards for his work at Deakin University.
Meet the 2014 Government CIO of the Year
Meet the 2014 Government CIO of the Year
David Johnson named Government CIO of the Year at the iTnews Benchmark Awards for his work at the Queensland Police Service.
Q and A: Coalition Broadband Policy
Q and A: Coalition Broadband Policy
Malcolm Turnbull and Tony Abbott discuss the Coalition's broadband policy with the press.
AFP scalps hacker 'leader' inside Australia's IT ranks.
AFP scalps hacker 'leader' inside Australia's IT ranks.
The Australian Federal Police have arrested a Sydney-based IT security professional for hacking a government website.
NBN Petition Delivered To Turnbull's Office
NBN Petition Delivered To Turnbull's Office
UTS CIO: IT teams of the future
UTS CIO: IT teams of the future
UTS CIO Chrissy Burns talks data.
New UTS Building: the IT within
New UTS Building: the IT within
The IT behind tomorrow's universities.
iTnews' NBN Panel
iTnews' NBN Panel
Is your enterprise NBN-ready?
Introducing iTnews Labs
Introducing iTnews Labs
See a timelapse of the iTnews labs being unboxed, set up and switched on! iTnews will produce independent testing of the latest enterprise software to hit the market after installing a purpose-built test lab in Sydney. Watch the installation of two DL380p servers, two HP StoreVirtual 4330 storage arrays and two HP ProCurve 2920 switches.
The True Cost of BYOD
The True Cost of BYOD
iTnews' Brett Winterford gives attendees of the first 'Touch Tomorrow' event in Brisbane a brief look at his research into enterprise mobility. What are the use cases and how can they be quantified? What price should you expect to pay for securing mobile access to corporate applications? What's coming around the corner?
Ghost clouds
Ghost clouds
ACMA chair Chris Chapman says there is uncertainty over whether certain classes of cloud service providers are caught by regulations.
Was the Snowden leak inevitable?
Was the Snowden leak inevitable?
Privacy experts David Vaile (UNSW Cyberspace Law and Policy Centre) and Craig Scroggie (CEO, NextDC) claim they were not surprised by the Snowden leaks about the NSA's PRISM program.
Latest Comments
Polls
Which bank is most likely to suffer an RBS-style meltdown?





   |   View results
ANZ
  20%
 
Bankwest
  9%
 
CommBank
  11%
 
National Australia Bank
  17%
 
Suncorp
  24%
 
Westpac
  19%
TOTAL VOTES: 1440

Vote