Rsam is the most powerful and effective tool available for GLBA compliance assessment and ongoing risk management. Rsam makes even the most challenging enterprise GLBA compliance assessment manageable and enables a powerful, effective analysis to be performed against the collected data. Rsam for GLBA sorts out the many disparate aspects of this rule and converts them into measurable controls, assigning them to different logical areas (Line-of-business, Departments, Applications, Service Providers, etc.) within an organizational hierarchy. This logical grouping can be used out-of-the-box, or it may be further customized to meet the specific needs of an organization.
Users are then assigned to answer questionnaires specific to their individual area of expertise concerning the criticality and controls of each respective area. As users log into the Rsam interface, they are presented with simple web-enabled dashboards that show their assigned tasks and the status of their questionnaires. By clicking on a particular task, users are sent directly to the appropriate survey page and walked through each assigned question via a highly intuitive GUI. At the completion of a questionnaire, the process can then be passed to other users for review or additional input. Each such action within Rsam is tracked and logged, while progress reports and administrator dashboards provide constant status updates.
At the completion of an assessment, risk scores compare the degree of control applied against the risk at hand. Risk and control gaps identified during the process are presented in the Rsam GUI. Once such gaps and compliance violations are exposed, the Rsam Remediation Module tracks & documents every detail of your remediation plans, costs, and efforts. Assessment & Risk Treatment data can be archived at any time, and Rsam's interactive reporting engine generates historical reports that provide you with useful analysis and trends. All of this capability is built on top of Rsam's patent-pending framework, providing you the highest degree of flexibility and scalability possible. And where desired, nearly every detail within the Rsam Framework can be easily customized using intuitive GUIs.
A significant aspect of the GLBA Safeguards rule describes what an organization is required to do with regard to oversight of its Service Providers that share NPI. Rsam comes pre-populated with a comprehensive list of TSP control & criticality questions, based on ISO 17799 and other industry best practices, that can be aligned based on the type of Service Provider being assessed. All of this can be managed from within the same database, console, and reporting engine.
Rsam provides the most powerful and efficient tools available in the marketplace today to manage your entire assessment process, including intuitive interfaces and a powerful interactive reporting engine. This technology allows an enterprise to:
Implement an effective & repeatable process to identify, assess, & manage risks associated with Non-public Personal Information ("NPI") in the organization
Track responses, progress, user activity, and manage all aspects of the assessment process using administrative dashboards, questionnaire cycles, user roles, and data management interfaces
Utilize road-tested assessment templates & questionnaires cross-referenced with GLBA Safeguards rule and industry best practices/standards
Enforce and manage assessment criteria based on business criticality, sensitivity of information & compliance requirements
Enhance the accuracy & efficiency of your risk assessment by leveraging innovative methods & techniques such as fact-based data gathering and relational reporting
Identify and control future risks before they exist in the organization, approving new Service Providers, Applications, and other vital elements based on their controls, proposed function, services, and the data that will be shared with them
Recognize and manage your risks using Rsam's 45+ consistent and actionable roll-up, drill-down, and relational reports
Plan, document & track remediation efforts for all identified gaps
Use a single central repository to track against multiple areas of compliance and industry standards