The event will bring together major Wall Street and technology companies operating in New York

Modulo Security, the Risk Assessment, Compliance and Knowledge Management Company, will take part in of the most important security conference held on Wall Street, the Effective Risk Management: Security Compliance and Disaster Recovery, organized by the Wall Street Technology Association, (WSTA). Participation in the WSTA event is a new step in Modulo Security's globalization process. The company has just started North American operations from its New York office..

Modulo Security executive Charles Warhafitg, and his team will present to the North American market the latest version of Risk Manager™, its IT risk assessment and information security knowledge management software. Among the new developments to be presented are features such as the "Geo-referenced Risk View", which uses Google Earth to map risk areas, and "Integrated View of Business Processes in Companies with IT Infrastructure", which provides executives with a clear Visio-diagramed view of the risks related to IT infrastructure in their business units.

Risk Manager™ is a specialized system developed to measure, assess and manage risk in organizations of any size and scope.

Risk Manager™ is the result of Modulo Security's creation, innovation and development efforts in three essential areas: a knowledge base on information security containing more than 130 checklists, 8700 information security controls and 2800 automatic collectors; a specialized program with a friendly interface and certified methodology, continually updated and conformant with ISO 27001, ISO Guide 73 and PMIBOK. With the Tool, companies can identify and assess their main security problems, find solutions, and set priorities for solving them.

According to Warhafitg, “one of Risk Manager™'s main competitive advantages is the comprehensive way in which the software handles corporate administration and risk management, which supports corporations in complying with a series of new governmental regulations.”

Mr. Warhaftig states that “Risk Manager™ will be of great assistance for U.S. companies in achieving compliance with laws, standards and regulatory acts. These include the U.S. Federal Information Security Management Act (FISMA), which details information security regulations for government organizations; HIPPA, that establishes regulations for the health care industry, including patients' right to privacy regarding their personal data, as well as Sarbanes & Oxley and Basel Accord II, which regulate the financial sector, CIP, in the energy segment, and ISO 27001, for information security management. Risk Manager™ automates risk assessment processes associated with these regulations", says Warhafitg.

Google Earth and Visio

Created to allow control of risk in different business units, "Geo-referenced Risk View" produces a detailed map of the analysis area and defines the risk level for that area. Using Google Earth, users define the business unit to be analyzed and Risk Manager™ maps all the assets and their corresponding risk levels, in full color and detail. This makes it possible to identify and classify risk levels in each unit, providing an overview of the risks involved with each asset. The map uses colors to identify the existing risks in each area.

“The system presents a detailed map of the consolidated risk levels for each business unit. This provides large, geographically dispersed organizations with a comprehensive image of their major risk areas”, says Charles Warhafitg.

Another innovation is the integrated view of business processes in companies with IT infrastructure. This feature uses Visio technology to provide an executive view of the risks per business unit, based upon a consolidation of the risks identified in the infrastructure.

"A manager can distinguish the business components which are associated with various parts of the infrastructure. In other words, it shows how significantly a given infrastructure component's risk level can impact the Company's business", explains Warhafitg. "Today, the results yielded by Risk Manager™’s risk analysis provides executives with sufficient critical information to support decisions on where to invest in order to reduce risks in their organizations. Executives using this solution will clearly see the risks associated to their businesses, enabling them to make expedient and precise decisions on where and how to invest", he concludes.

In addition to these, the new version of Risk Manager™ brings other new features such as:

• Customization of web-based user interviews – Allows standard language used in Risk Manager™ questionnaires to be adapted to a clients' environment, so that it is more easily understood by all users in a company

• New compliance checklists – Checklists associated with compliance to laws, standards and regulations. They provide best practice support in the assessment for certifications and audits. These checklists can help companies demonstrate their conformity with new regulations such as ISO 27001 and FISMA

• Inclusion of photos and files as evidence in security assessments – For each control, the system allows the insertion of digital files or media to be used as proof that a particular control actually exists;

• Complete Live Update – Updates both the knowledge base and the software program (new features, new modules or new reports). These updates can be configured by the user to be performed daily or weekly;

• Additional customizable fields for assets and perimeters – These fields allow the company to insert extra information about assets and perimeters, allowing the storage of information that is not originally a part of Risk Manager™'s architecture;

• Color-schemed risk matrix – A mechanism which allows executives to visually map the higher and lower-risk areas in the company, using colors to specify each risk level.

Events

Effective Risk Management: Security Compliance and Disaster Recovery, organized by the WSTA, to be held on April 05 at the New Yorker hotel, 481 8th Ave., NY.