Baton Rouge, LA (PressExposure) July 25, 2013 -- TraceSecurity, a pioneer in cloud-based IT governance, risk and compliance (GRC) solutions, tomorrow will release enhancements to its flag-ship software solution TraceCSO, extending its leading risk management capabilities to help organizations implement a best practices information security program more quickly than ever before.
TraceCSO is the industry's first cloud solution for a holistic and risk-based information security program that delivers comprehensive visibility and accountability for improved risk and compliance profiles across all areas of an organization. TraceCSO allows organizations of any size, industry or security skill set to evaluate, create, implement and manage a comprehensive risk-based information security program, to protect their organizations from today's top information security risks.
TraceCSO's market leading risk assessment incorporates Revision 1 of the NIST 800-30 methodology to provide enhanced usability via proprietary inheritance modeling technology and delivers effective management of the risk assessment by separating assets into various integrated tiers that enable top-down management. The result is a reduced inventory of threats and controls and provides the ability to manage strategic controls from the highest level of organizational risk. As organizations drill down into lower level details, that include business processes and IT systems, only unique assets, threats and controls must be managed. Unless exceptions are created, sub-tiers automatically inherit information from above.
"TraceSecurity recognizes that inherent complexity within information security management continues to hinder organizations from implementing and then managing their ongoing programs," said Brady Justice, TraceSecurity director of product management. "Simplifying and streamlining the risk assessment process allows these organizations to complete an assessment 90% faster so that they can quickly gain perspective of their risk. Not only is the risk assessment significantly easier to complete, we have also been able to reduce the inventory of controls by 80% and anticipate a total TraceCSO implementation time reduction of 30-50% on average."
Customers will also benefit from an improved risk assessment user interface designed to help navigate, build and visualize assets, threats and controls in a holistic, graphical and dynamic environment. Implementation of a risk assessment becomes unique and flexible to the organization's needs as well as simplified for those without security expertise.
"This release exemplifies how TraceCSO customers drive product innovation that continues to simplify the complex issues organizations face when implementing an information security program," said Peter Stewart, TraceSecurity president and CEO. "As threats continue to increase in complexity, we find organizations of every size and any industry demand visibility and accountability into their risk and compliance profile. We are confident TraceCSO is leading an IT GRC revolution to deliver on that market need."
Unlike current information security program solutions, which simply provide a console and no remediation tools, TraceCSO identifies and prioritizes risk to an organization's information and identifies, implements and audits security controls. To help organizations stay current with the latest regulatory mandates specific to their industry, TraceCSO leverages a global database of hundreds of authorities and more than 60,000 regulations and citations.