TrustedAgent GRC for Public Sector
Transcript of TrustedAgent GRC for Public Sector
TrustedAgent Governance, Risk and Compliance
• Audit Management
• Compliance Management
• Vendor Risk Management
• Vulnerability Management
• Incident Management
• Policy Management
• Enterprise Risk Management
• IT Governance
• Continuous Monitoring
Agenda
• Risk Management and Compliance Challenges
• Advantages of Good Risk Management
• Introducing TrustedAgent
• TrustedAgent Overview
• TrustedAgent and Public Sector
• TrustedAgent Benefits
• Content Libraries
• Prominent Clients
• Using TrustedAgent for Compliance Management
• Contact Information, Q&A and Next Steps
Risk Management and Compliance Challenges
Regulations, standards and control requirements are complex, continue to increase, and are becoming more confusing to understand and even more costly to implement.
PCI
ISO
Sarbanes-Oxley
HIPAA/HITECH
FFIEC
FISMA
GLBA
DIACAP
Silos of information and replication of compliance activities. Collaboration and productivity are limited, time-consuming and bottlenecked by people and activities.
Reporting is time-consuming, inefficient, and error-prone. Lack of visibility into the organization's security posture.
Incur financial penalties, lose brand recognition, lose productivity, face legal liabilities, or undergo greater scrutiny from regulators.
Advantages of Good Risk Management
• Keep senior management and board members out of trouble.
• Avoid fines and loss of operating license resulting from non-compliance.
• Minimize costs relating to stock volatility, lawsuits, public relations, breach notification, forensic, and remediation measures when incidents occur.
• Reduce costs through reduced operational losses and improved efficiency of business operations and processes.
• Better visibility into the risk profile of the organization for improved decision support and risk-adjusted key performance indicators.
• Improve brand recognition, public and shareholder value and confidence, and relationships with industry regulators, business partners, insurers and other stakeholders.
Introducing TrustedAgent
• Comprehensive, enterprise platform that integrates, standardizes, and automates existing IT GRC processes.
• Enable organizations to meet the challenging, complex, and ever-changing requirements of PCI, SOX, HIPAA, NERC, GLBA, FISMA, and many others.
• Improve existing business processes and best practices using frameworks such as ISO 27001/27002 and COBIT, to achieve cost reduction, eliminate waste and gain operational efficiencies.
TrustedAgent and Public Sector
• Enable organizations to streamline risk management and compliance activities:
  • NIST SP 800-37 Rev. 1, DIACAP and CNSSI-1253
  • FedRAMP Risk Management
  • DIACAP to NIST RMF Migration
  • Common Control Support across Regulations
  • Control Overlay Support
• Enable organizations to streamline key DHS continuous diagnostics and mitigation activities:
  • Hardware Asset Management
  • Software Asset Management
  • Vulnerability Management
  • Risk Management
  • Plan and Response to Events
  • Document Requirements, Policy, etc.
TrustedAgent and Public Sector
• Enable organizations to better manage and streamline compliance with DFARS 252.204-7012:
  • Safeguarding Requirements and Procedures for Unclassified Controlled Technical Information
  • NIST SP 800-171
  • Cyber Incident and Compromise Reporting
  • Subcontractor and Supply Chain Risk Management
TrustedAgent Benefits
• Provide an enterprise solution that integrates, standardizes, and enhances the management of security risks, privacy, and regulatory compliance across the enterprise.
• Reduce time and costs associated with risk management activities through collaboration, dashboard analytics, and automated reporting and document generation.
• Provide a standard of care to minimize security risks, legal liabilities, and penalties, and to facilitate communications with shareholders, customers, regulators, and insurers.
• Continuously monitor and assess critical business assets and functions to gain visibility into and improve their security and compliance posture.
Content Libraries
Support any open source content as well as any commercial third-party content.
Trademarks and copyrights are properties of their respective owners.
Using TrustedAgent for Compliance Management
Step 1. Manage Assessment Entities for Systems, Sites, Programs, Vendors, Audits, and Processes
Step 2. Manage Entity Details (i.e., general information, assets, POCs, interconnections)
Step 3. Create and Manage Assessments
Step 4. Set Up Security Categorization, Common Controls, and Control Groups
Step 5. Document Control Implementation Details
Step 6. Manage Implementation Artifacts and Work Papers
Step 7. Track Risk Management Activities and Documents
Step 8. Generate Regulatory Documents (i.e., SSP, audit plan, audit results)
Step 9. Manage Findings and Corrective Actions
Step 10. Manage Remediation Details
Step 11. Generate Dashboard Reports
Step 12. Generate Enterprise Risk Reports
Contact Information, Q&A, and Next Steps
Trusted Integration, Inc.
525 Wythe Street
Alexandria, VA 22314
703-299-9171 Main
703-299-9172 Fax
www.trustedintegration.com