Modulo Security, the risk assessment, compliance and knowledge company, is launching the new version of its software program for risk management, compliance, and knowledge management. The software will be presented during the C3 Expo, in New York. It contains features that support IT governance and risk management in companies, and helps in the implementation of COBIT 4 and ISO 27001.

“Laws and regulations are becoming increasingly strict and the marketplace has been adapting to these changes, which should be seen in a positive way, since they provide a direction for administrators and demonstrate the maturity of the IT and Risk Management areas”, says Charlie Warhaftig, Director of Modulo Security. “The growing demand for security solutions after Sarbanes-Oxley and Basel II has guided the development of this new version, which also contains specific knowledge bases for compliance with FISMA and NIST 800”, he adds.

New Features

Security Governance – provides a view of the organization's security system, integrating business, systems, and IT infrastructure (output in Visio diagrams). Helps establish investment priorities according to the importance of each asset to the business.

Georeferenced View of Risks - Map providing a georeferenced view of risks (using Google Earth) to allow identification of risk indexes in geographically distributed organization units.

Risk Scorecard - An executive view of risks by means of a control panel with metrics and security indexes, as well as tables and charts.

Compliance Automation (COBIT 4, NIST and ISO 17799) – Checks the level of compliance with ISO 17799 and COBIT 4, reducing investment in the implementation of frameworks and in fulfilling the requirements of multiple audits.

COBIT 4.0 Strategic Analysis – Helps integrate business goals, IT goals, and IT processes.

Roadmap for ISO 27001 Certification – Specific checklists to support certification, gap analysis or security compliance, allowing the organization to store control evidence in a single repository, to monitor the steps needed for certification, and to demonstrate fulfillment of requirements during the certification audit.

New Knowledge Domains – New knowledge bases for assessment of service providers, using eSCM - eSourcing Capability Model for Service Providers, developed by Carnegie Mellon University,