Most organizations today are bound by more than one area of compliance (both internal and external). Rather than conducting individual assessments for each compliance area, Rsam is designed from the ground up to eliminate redundancies across converging compliance requirements and present a simple and manageable assessment experience to its end users. The result is an efficient and integrated compliance management program that optimizes the efforts of all stakeholders in the process.
Compliance management efforts typically center on assuring that appropriate controls (or levels of control) have been put in place to address a given situation or where certain risk factors exist. Since many of these same controls are also required by other compliance mandates, each control within Rsam is pre-mapped in the background to one or more duplicative areas of compliance. The end user merely assesses or records an existing control level. Behind the scenes, Rsam relates the data to all affected areas of compliance with no user intervention. The following picture illustrates how the control mappings are done within Rsam control libraries.
At the completion of a compliance assessment, scores are calculated using minimum required safeguards based on specific compliance requirements. Compliance-specific reports can be generated to provide guidance to help users determine where the most effective controls could be put in place to achieve compliance.
At the completion of an assessment, object scores are calculated using minimum required safeguards based on their individually calculated criteria. Finally, users are given a simple directive: to lower their risk score by either correcting the gap issues or providing adequate justifications. Reports provide guidance to help users determine where the most effective controls could be put in place to achieve this goal. Behind the scenes, Rsam provides the mechanism, in terms of calculations and methodologies, to qualify and quantify risk based on an organization's unique requirements, and presents an accurate picture that provides the basis for informed decision making based on intelligent and consistent information.
Beyond compliance assessments, Rsam can be used to augment these related compliance management activities:
Remediation Tracking
Policy Exception Management
Ongoing Controls Testing
All such activities can be recorded and reported against within a single integrated framework. Simple dashboards help users manage their compliance activities on an ongoing basis.