New version helps in the implementation of COBIT 4.0 and ISO 27001
Modulo Security, the risk assessment, compliance and knowledge company, is launching the new version of the Risk Manager™ risk assessment, compliance and knowledge management software during the Microsoft Worldwide Partner Conference, which takes place July 11 to 13 in Boston. The software’s new knowledge base contains features that support IT governance and risk management in companies, and helps in the implementation of COBIT 4 and ISO 27001.
Risk Manager™’s new features were developed during nine months and involved more than 50 professionals from Modulo’s internal team and partner companies. One of the tool’s chief benefits is the automation of processes, based on market standards and practices, which guarantees an average productivity increase in the order of 80%.
Below we present information on each new feature.
Security Governance – provides a view of the organization's security system, integrating business, systems, and IT infrastructure (output in Visio diagrams). Helps establish investment priorities according to the importance of each asset to the business.
Georeferenced View of Risks - Map providing a georeferenced view of risks (using Google Earth) to allow identification of risk indexes in geographically distributed organization units.
Checklist automation - The user can add new controls to Risk Manager™, automating information collection, consolidation of results and generation of reports.
Risk Scorecard - An executive view of risks by means of a control panel with metrics and security indexes, as well as tables and charts.
Compliance Automation (COBIT 4, NIST and ISO 17799) – Checks the level of compliance with ISO 17799 and COBIT 4, reducing investment in the implementation of frameworks and in fulfilling the requirements of multiple audits.
COBIT 4.0 Strategic Analysis – Helps integrate business goals, IT goals, and IT processes.
Roadmap for ISO 27001 Certification – Specific checklists to support certification, gap analysis or security compliance, allowing the organization to store control evidence in a single repository, to monitor the steps needed for certification, and to demonstrate fulfillment of requirements during the certification audit.
New Knowledge Domain – New knowledge bases for assessment of service providers, using eSCM - eSourcing Capability Model for Service Providers, developed by Carnegie Mellon University.