A typical organisation spends 30-50% more on compliance and IT risk policy management than it should, according to the IT policy compliance group, Lumension.
Lumension Risk Manager is said to help organisations achieve lower total cost of ownership for compliance by automating IT audit workflows, harmonising controls with policy requirements and providing greater visibility across IT assets for greater security and compliance management.
“Compliance, over the past few years, has become a four-letter word for many security practitioners as it conjures up visions of late nights spent poring over data points and audit profiles to ensure that their organisation is fully compliant with the overwhelming number of IT compliance-related mandates that exist today", said Mike Wittig, president and CTO at Lumension.
"Our vision with Lumension Compliance and IT Risk Management and a main driver behind our acquisition of Securityworks this past spring, is to provide our customers with the technology they need to make their IT compliance and risk management processes more manageable, automated and repeatable. With Lumension Compliance and IT Risk Management Solution, our customers will gain the necessary visibility between operational endpoint security and strategic IT risk that’s required for a better connected, smarter run, more efficient IT organisation than ever before.”
Through a partnership with Network Frontiers, Lumension has also integrated the Unified Compliance Framework (UCF) within Lumension Risk Manager. This integration delivers a library of over 400 documents and 2500 harmonised controls, which is periodically updated.
The main benefits of the Lumension Risk Manager include:
- A reduction in third party consulting/audit resources used to define control and policy requirements to support external regulatory mandates
- Enabling organisations to assess once and report on many regulations simultaneously, rather than using multiple technologies that usually lack a complete, global view of regulations.
- Enhanced visibility for companies, allowing them to continuously monitor overarching compliance policy requirements. This enhanced visibility allows organisations to more efficiently utilise existing IT resources to address those deficiencies impacting organisational compliance and IT risk posture the most.