Delicious
Tumblr
Reddit
Furl
Simpy
Digg
Technorati
Faves
Newsvine
Stumbleupon
Definition
Using a risk-based approach to standardize and automate manual IT compliance processes including risk assessment, policy management, controls assessment, remediation, and reporting with the goal of leveraging compliance to achieve IT best practices, operational excellence and cost efficiencies.
Challenges
- Managing expensive and labor-intensive compliance and audit requirements
- Determining the appropriate set of IT policies and controls to manage IT risk and compliance
- Consistently implementing and enforcing IT policies and controls.
- Quickly responding to IT auditors and other management requests to demonstrate compliance
- Determining vulnerabilities based on the security policy, compliance, and risk management
Symantec Solution: IT Compliance
Automate compliance processes using a risk-based approach to protect information, address threats quickly, and reduce costs and risks.
- Anticipate and plan for compliance and audit needs to reduce deficiencies
- Increase availability of the systems and data needed to run the business
- Reduce incident response costs by automating critical security processes
- Reinforce employee responsibility with notification, enforcement and training
- Align compliance with business risks through an integrated framework that incorporates risk assessment into IT controls compliance automation
