[February 14, 2011]

Modulo to Demonstrate GRC Automation in the Cloud at RSA Conference 2011

Modulo, a leading provider of enterprise governance, risk and compliance (GRC) solutions used by over a thousand organizations worldwide, today announced that its award-winning Modulo Risk Manager™ is now available for fast and cost-effective deployment in the cloud. This new service enables customers to take advantage of the scalability of the cloud to automate their GRC programs and manage risks as well as meet various standards, laws, and regulations.

The company will demonstrate these and other new capabilities featured in version 7.1 of Modulo Risk Manager at RSA Conference 2011, February 14-18, Booth # 1951.

"This new version of our mature, fully integrated GRC solution solves some of the most pressing risk and compliance management needs for organizations today such as compliance cross-referencing and vendor risk management - while also introducing unique integration methods such as iPhone (News - Alert) and mobile device collectors and the industry's first open source GRC data collection platform," added Alvaro Lima, president and CEO for Modulo.

"At RSA (News - Alert) we are also pleased to share our extensive hands-on experience implementing GRC programs for hundreds of companies with the release of our eBook 'ISO 27001 and 27002: A Practical View.' This is an important resource for CISOs and CSOs who would like to adopt the ISO principles or gain certification because it aligns theory with practice and helps structure and mature an information security management program. Modulo was the first information security company to be ISO 27001 certified and by applying these principles we were able to achieve 50% automation, gain a better view of and spend more time remediating risks, and measure our security over time."

• Compliance Cross-References with ISO 27001, PCI (News - Alert) DSS and HIPAA: Fulfilling requirements from multiple regulations, frameworks and standards is one of the main compliance management challenges. It requires an in-depth understanding of each law and standard in addition to high costs associated with redundant audits and investments in training. Modulo Risk Manager enables organizations to manage simultaneous compliance assessments at once while reducing costs by cross-referencing common requirements from different frameworks, policies, laws, standards, and regulations - including the latest version of PCI DSS and HIPAA as well as SOX, ISO 27002, BS 25999, Basel II, Shared Assessment Programs/BITS and more. Users can also map requirements from authoritative sources such as internal policies.
• Vendor RiskManagement: Vendor Risk Management is increasingly at the forefront of risk management priorities because today's organizations rely on hundreds if not thousands of partners, vendors and service providers - giving them access to transmit, store and process commercially sensitive and proprietary data. Regulations such as SOX, GLBA, HIPAA, PCI DSS and others explicitly mandate that corporate control activities extend to these third-party networks. Modulo Risk Manager assesses vendor compliance and manages risk efficiently and effectively throughout the entire vendor management process: from risk-based vendor selection and relationship management to ongoing compliance monitoring and reporting.
• Integration with Scanners: Through its flexible architecture, Modulo Risk Manager allows other systems and applications used by organizations, such as vulnerability scanners, to be integrated for comprehensive management of GRC and information security. Modulo provides out-of-the box support for the popular Nessus®, QualysGuard® and Rapid7 NeXpose® products.
• Knowledge Management: Modulo Risk Manager's framework allows the addition of knowledge specific to any business segment to be added including knowledge bases, authoritative documents, surveys, threats, and other sources. Modulo's extensive knowledge database is updated periodically with GRC and information security best practices.
• Incident and Remediation Workflow: Risks and non-compliances identified in the GRC process can be treated and monitored through Modulo Risk Manager's enhanced workflow. Custom events can be created, all phases can be monitored, responsibilities can be assigned, and evidence can be stored for audit purposes.
• Mobile Device Collectors: New automated collectors gather data required for analysis in the GRC process both onsite as well as remotely using devices such as the iPhone and other smartphones.
• GRC Open Source (News - Alert) Collectors: modSIC (Modulo Open Distributed SCAP Infrastructure Collector) is the industry's first open source initiative for GRC management. It provides a common platform to create collectors and gather security data in order to automate policy compliance, audits and risk assessments utilizing the Security Content Automation Protocol (SCAP) standard.

Twitter: @moduloitgrc

Complementary eBook Download: http://www.modulo.com/iso-ebook/

Open Source modSIC Project: http://www.modsic.org/

Product Brochure: http://www.modulo.com/risk-manager

About RSA Conference

RSA Conference offers information security professionals an opportunity to learn about the latest security trends and technologies, including best practices, and gain insight into the most critical technical and business issues facing organizations today. For more information visit: http://www.rsaconference.com/2011/usa/.

About Modulo

Modulo is a leading global enterprise provider of comprehensive Governance, Risk and Compliance (GRC) management solutions. Modulo's Award winning Risk Manager™ provides over 1,000 world-wide organizations with the tools they need to automate the entire GRC management process to monitor, manage and sustain adherence to policy and regulations while reducing enterprise risk and complexity. Customers span the financial, health care, retail, telecom, power & gas and government sectors and include BASF, BC Hydro, Microsoft, New York University Medical Center, Synovus Financial, Schlumberger (News - Alert) and VisaNet. Modulo is recognized as a winner of the Info Security Products Guide 2010 Global Product Excellence Award, Network Products Guide 2010 Product Innovation Award and 2011 SC Magazine Excellence Award Finalist in Best Regulatory Compliance.

Visit www.modulo.com for more information.

Photos/Multimedia Gallery Available: http://www.businesswire.com/cgi-bin/mmg.cgi?eid=6609827&lang=en

[ Back To TMCnet.com's Homepage ]