In response to increasingly complex and dynamic IT security and threat environments, MetricStream, a market leader in Enterprise-wide Governance, Risk, Compliance (GRC) and Quality Management Solutions for global corporations, has announced its enhanced IT GRC solution, which will empower organizations and employees with a broad range of new advanced tools and functionalities.
Organizations today want a solution that can not only support and enable all IT GRC activities, but also scale across the enterprise, integrating security and threat data, and providing actionable intelligence to support decision-making,” said Vasant Balasubramanian, Vice President of Product Management at MetricStream. “MetricStream’s new and enhanced IT GRC solution provides the oversight, agility, speed, and flexibility to meet these requirements so that organizations can thrive amidst our increasingly complex and dynamic IT security and threat environments.
The enhanced solution facilitates enterprise-wide oversight of IT risks and threats, and provides powerful analytics to help organizations efficiently model threat scenarios and risks, and determine the most effective response. The solution also integrates content from sources such as NIST and CERT, as well as COBIT 5 and the Shared Assessments’ Standard Information Gathering (SIG) 2013 questionnaire and Agreed Upon Procedures (AUP) 2013, to help organizations build a truly word-class IT GRC program.
The increasing frequency and sophistication of cybersecurity attacks and data breaches have made it more critical than ever for organizations to proactively secure their IT environments, and effectively comply with regulations and standards such as PCI DSS, HIPAA, NERC, FISMA, and ISO 27001. In line with these requirements, MetricStream provides an integrated portfolio of solutions to streamline, integrate, and strengthen end-to-end IT GRC processes.
MetricStream IT GRC Solution now offers many new and enhanced features including sophisticated security and risk analytics based on Big Data architecture, Real-time threat intelligence from social media and information security monitoring, Enhanced monitoring of virtualized assets in the cloud, Vendor risk management. New integrations with NIST, CERT, and support for SCAP standards and Quarterly releases/ updates of IT GRC content.