TrustedAgent GRC for Public Sector

24
Audit Management Compliance Management Vendor Risk Management Vulnerability Management Incident Management TrustedAgent Policy Management Risk and Compliance Governance Enterprise Risk Management IT Governance Continuous Monitoring

Transcript of TrustedAgent GRC for Public Sector

Audit Management Compliance Management

Vendor Risk Management

Vulnerability

Management Incident Management

TrustedAgent Policy

Management Risk and Compliance

Governance

Enterprise Risk

Management IT Governance

Continuous

Monitoring

Agenda

• Risk Management and Compliance Challenges

• Advantages of Good Risk Management

• Introducing TrustedAgent • TrustedAgent Overview

• TrustedAgent and Public Sector

• TrustedAgent Benefits

• Content Libraries

• Prominent Clients

• Using TrustedAgent for Compliance Management

• Contact Information, Q&A and Next Steps

Regulations, standards and control requirements are complex, continue to increase, becoming more confusing to understand, even more costly to implement.

Regulations, standards and control requirements are complex, continue to increase, becoming more confusing to understand, even more costly to implement.

Risk Management and Compliance Challenges

PCI

ISO

Sarbanes-Oxley

HIPAA/HITECH

FFIEC

FISMA GLBA

DIACAP

Silos of information and replications of compliance activities. Collaboration and productivity is limited, time-consuming and bottlenecked by people and activities.

Silos of information and replications of compliance activities. Collaboration and productivity is limited, time-consuming and bottlenecked by people and activities.

Risk Management and Compliance Challenges

Reporting is time-consuming, inefficient, and error-prone. Lack of visibility into the organization security posture.

Reporting is time-consuming, inefficient, and error-prone. Lack of visibility into the organization security posture.

Risk Management and Compliance Challenges

Incur financial penalties, lose brand recognition, lose productivity, face legal liabilities, or undergo greater scrutiny from regulators.

Risk Management and Compliance Challenges

Incur financial penalties, lose brand recognition, lose productivity, face legal liabilities, or undergo greater scrutiny from regulators.

Advantages of Good Risk Management

• Keep senior management and board members out of trouble.

• Avoid fines and loss of operating license resulting from non-compliance.

• Minimize costs relating to stock volatility, lawsuits, public relations, breach

notification, forensic, and remediation measures when incidents occur. • Reduce costs through reduced operational loses and improved efficiency of business operations and processes.

• Better visibility into the risk profile of the organization for improved decision support and risk-adjusted key performance indicators.

• Improve brand recognition, public and shareholder value and

confidence, and relationships with industry regulators, business partners, insurers and other stakeholders.

Introducing TrustedAgent

• Comprehensive, enterprise platform that integrates, standardizes, and automates existing IT GRC processes.

• Enable organizations to meet the challenging, complex, and ever-changing requirements of PCI, SOX, HIPAA, NERC, GLBA, FISMA, and many others.

• Improve existing business processes and best practices using frameworks such as ISO 27001/27002 and COBIT, to achieve cost reduction, eliminate waste and gain operational efficiencies.

TrustedAgent Overview

TrustedAgent Overview

TrustedAgent and Public Sector

• Enable organizations to streamline risk management and compliance activities:

• NIST SP 800-37 Rev 1., DIACAP and CNSSI-1253 • FedRAMP Risk Management • DIACAP to NIST RMF Migration • Common Control Support across Regulations • Control Overlay Support

• Enable organizations to streamline key DHS continuous

diagnostics and mitigation activities: • Hardware Asset Management • Software Asset Management • Vulnerability Management • Risk Management • Plan and Response to Events • Document Requirements, Policy, etc.

TrustedAgent and Public Sector

• Enable organizations to better manage and streamline compliance with DFARS 252.204-7012:

• Safeguarding Requirements and Procedures for Unclassified Controlled Technical Information

• NIST SP 800-171 • Cyber Incident and Compromise Reporting • Subcontractor and Supply Chain Risk Management

TrustedAgent Benefits

• Provide an enterprise solution that integrates, standardizes, and enhances the management of security risks, privacy, and regulatory compliance across the enterprise.

• Reduce time and costs associated with risk management

activities through collaboration, dashboard analytics, and automated reporting and document generation.

• Provide a standard of care to minimize security risks, legal liabilities, and penalties, and to facilitate communications with shareholders, customers, regulators, and insurers.

• Continuously monitor and assess critical business assets

and functions to gain visibility into and improve their security and compliance posture.

Content Libraries

Support any open source content as well as any commercial third-party content.

Trademarks and copyrights are properties of their respective owners.

Prominent Clients

Trademarks and copyrights are properties of their respective owners.

TrustedAgent Demo

Using TrustedAgent for Compliance Management

Using TrustedAgent for Compliance Management

Step 1. Manage Assessment Entities for Systems, Sites,

Programs, Vendors, Audits, and Processes

Using TrustedAgent for Compliance Management

Step 2. Manage Entity Details (i.e., general information, assets,

POCs, interconnections)

Using TrustedAgent for Compliance Management

Step 3. Create and Manage Assessments

Step 4. Setup Security Categorization,

Common Controls, and Control Groups

Using TrustedAgent for Compliance Management

Step 5. Document Control

Implementation Details

Step 6. Manage Implementation

Artifacts and Work Papers

Using TrustedAgent for Compliance Management

Step 7. Track Risk Management Activities and

Documents

Step 8. Generate Regulatory Documents (i.e., SSP, audit

plan, audit results)

Using TrustedAgent for Compliance Management

Step 9. Manage Findings and

Corrective Actions

Step 10. Manage Remediation Details

Using TrustedAgent for Compliance Management

Step 11. Generate Dashboard Reports

Step 12. Generate Enterprise Risk

Reports

Contact Information, Q&A, and Next Steps

Trusted Integration, Inc.

525 Wythe Street

Alexandria, VA 22314

703-299-9171 Main

703-299-9172 Fax

www.trustedintegration.com