Organisations can now benefit from a real-time, integrated view of all cyber security threats, thanks to the new IT GRC solution from new-generation GRC provider OXIAL, which integrates IT risks and threats with overall risk and compliance structures.
Based on years of experience managing IT systems, and collaborating with information security experts, OXIAL IT GRC combines disciplines to guarantee a better level of security and performance, and provides powerful features to manage IT priorities in line with business expectations.
OXIAL IT GRC offers risk, audit and control modules, as well as information security modules focused on an IT Governance approach, for either the Financial Services or Insurance Industry. It allows quantitative and qualitative measurement of the risks and their financial impact, thus reducing human errors, fraud, or quality issues.
“The cyber threat in 2017 is more professional and targeted than ever before and organisations are increasingly vulnerable to such attacks,” said Eric Berdeaux, CEO, OXIAL. “Because IT risks are now business risks that come with business consequences, organisations must adapt the way they manage those risks. This is not an “IT Department” contained matter and it requires an effective risk management capability, a common language and a common framework for decisions and controls. Thus, reducing fires to fight, reducing costs, re-focusing on more productive activities creating business value. By incorporating IT GRC into a company’s overall GRC framework, employee interactions are moulded from the bottom up, with checks at all levels and types of access point.”
Key benefits of the solution include:
• Manage a unified compliance framework with pre-formatted regulations, methodologies, frameworks and security policies (Cyber, GDPR, ISO27001, NIST CSF, ...)
• Assign measures to teams or people, follow up on actions, manage delays
• Manage security control catalog based on best practices
• Provide a flexible issue management system
• Produce dynamic compliance reports in seconds
• Assess environments by using best-in-class audit programs
• Compare year-on-year trends
• Link assets to entities to business and IT processes
• Load external audit programs, remarks, recommendations & actions
• End-to-end data protection using a best-in-class encryption management system (Global Data Sentinel)
• Use watchdog technology to find inappropriate behavior
OXIAL IT GRC is based on the idea that IT risk management begins with smart and effective governance. IT risks are so many and varied, and have such serious consequences for the entire business, that they really are business risks and should be managed as such. The new solution therefore provides a balanced and comprehensive view of all of an enterprise’s business risks, bringing together all elements of IT risk, including availability, security, project management and disaster recovery, and integrating them with overall risk and compliance structures.
Based on the COBIT IT framework and fully COSO compliant, IT GRC provides a quantitative and qualitative measurement of the risks and their potential financial impact, and guides senior executives on how best to manage these risks.
“Bringing IT security into a more centralised risk management strategy is not only more effective for cyber security, but it will improve communication between IT and management,” continued Eric Berdeaux. “Risk management is a board-level issue and this approach makes it easier to secure budget and resource when senior executives understand the risk and potential damage to the business.”