Policy management is an administrative framework that establishes operating rules as a means of maintaining order, security, consistency, or otherwise furthering an organizational goal. Organizations not only need to centrally manage policies and map them to stated objectives and guidelines, but must also ensure their promotion and awareness to create an environment of good corporate governance.

Limitations of Current Practices

Many organizations struggle to manage corporate policies in a consistent manner as well as ensure an optimal level of compliance. Paper-based practices are often fragmented, and traditional electronic policy management systems make it difficult to manage review cycles and track policy exceptions in an integrated manner. Many organizations also have difficulty meeting the complex demands of multiple applicable regulations, such as  GLBA, PCI, HIPAA and SOX, industry guidelines, and well-established best practices. Distributed business processes and multiple geographies further complicate the implementation of effective policy management strategies.

Modulo Risk Manager enables you to efficiently administer your policy management efforts while assessing compliance with stated policies and controls. Modulo Risk Manager enables organizations to regulate the key activities that form part of an effective policy management process while delivering a framework to meet governance, risk management and compliance objectives with a comprehensive and consistent process for managing the lifecycle of corporate policies

• Reduces time and effort required to create and update policies, manage exceptions, and map policy content in order to assess compliance level with multiple regulations, such as the PCI DSS, ISO/IEC 27001/27002, COSO, COBIT, FFIEC Security Handbook, HIPAA, and NIST
• Increases efficiency by using a single portal to formalize policy authoring, editing and process review, utilizing access controls including both user role categories and record-level permissions.
• Provides a workflow environment enabling organizations to initiate and manage requests for policy exceptions across the enterprise by creating alert notifications, monitoring them by control, department, severity or other meaningful criteria, and distributing content to appropriate subject experts for review.
• Creates time and cost savings associated with reporting on policy management program initiatives, utilizing real-time reports and dashboards to bring clarity on policies and control standards.
• Increases efficiencies associated with communicating policies through user-specific dashboards and email notifications that are relevant to specific roles, departments and business functions.

 

- Policy Management - In the News
Modulo announces an iPhone IT GRC Application and a unique approach to Policy Management at Gartner summit in Chicago Apr, 2009