1. /
  2. Control Compliance Suite

Control Compliance Suite

IT Risk Management and Compliance Solutions

Forrester Consulting

Read their Technology Adoption Profile, commissioned by Symantec.
Read the profile

The Forrester Wave

IT Governance, Risk, And Compliance Platforms, Q4 2011
Read the profile

Gartner Webcast

Hear how Gartner's lead IT GRC analyst perceives the CISO's role expanding.
Watch the webcast
Default Chromeless Player

Overview

The CISO Role is Changing

Managing IT risk and compliance in today's enterprise is challenging. As a security leader, you face a growing number of business and regulatory drivers, an evolving threat landscape, and increasingly complex IT infrastructures. How can you embrace all these changes while minimizing IT risks?

Connect To The Business. Prioritize It Risk. Automate Compliance.

Symantec Control Compliance Suite helps you address these challenges by providing a solid framework on which to build your IT Governance, Risk, and Compliance program. Control Compliance Suite allows you to communicate IT risk in business-relevant terms, prioritize remediation efforts based on a composite view of risk, and automate assessment processes to improve your overall security and compliance posture.

Resources

Connect to Business

Making IT Security a Business Conversation

Security threats and IT risk management are becoming boardroom-level discussions. Today's high-profile data breaches have brought these issues to the forefront. How prepared are you to communicate IT risks in business-relevant terms? Can you provide a broad spectrum of stakeholders — business leaders, executives, audit and IT operations — with the information they need to understand the business impact of IT risks?

It Risk Translated Into Business Risk

Control Compliance Suite Risk Manager helps you create a targeted view of IT risk as it relates to a specific business process, group or function. Instead of sending business unit owners detailed reports on outstanding configuration or vulnerability issues, you can illustrate how these issues are causing unacceptably high risk scores for a key business asset – such as an online e-commerce site or transaction processing system. Easily customizable dashboards provide audience-specific risk metrics helping stakeholders visualize where, and to what extent, critical business processes are exposed. Translating IT risk into a business context helps drive the awareness, accountability and action needed to improve your overall security posture and ultimately, protect your business.

Prioritize Risk

To Effectively Manage Risk You Need the Big Picture

To effectively prioritize and manage risk, you need an enterprise-wide view of your security posture. Yet most companies find themselves juggling a myriad of point-product solutions, each providing only a narrow tactical perspective. Consolidating and analyzing the massive amount of data generated by these solutions is time consuming, resource intensive and error-prone.

Prioritize Remediation Based on Business Impact

Control Compliance Suite provides a rich, data-driven view of your environment, allowing you to prioritize remediation efforts based on business criticality, rather than technical severity. Native assessment capabilities automatically evaluate technical and procedural controls, while pre-packaged connectors simplify integration of data from Symantec and non-Symantec solutions. Our unique and highly scalable data framework normalizes and analyzes all of this data, without the need to engage extensive professional services.

Automate Compliance

Common Approaches Do Not Scale

Research from the IT Policy Compliance Group shows that 70% of organizations are overspending on the audit process by a factor of two. Why is this? Many companies still use manual methods to address audit requirements. These manual methods result in duplicate efforts associated with assessing and collecting the same data multiple times for different mandates. Difficulty in interpreting these mandates and translating them into clear, measurable controls further drives up compliance costs. While some organizations use a variety of point-products to address their compliance requirements, this too can lead to inefficiencies as they try to consolidate data from multiple solutions.

Automate for Continuous Compliance

Symantec's Control Compliance Suite automates IT risk and compliance processes, reducing cost and complexity while improving your overall security posture. Key capabilities include built-in regulatory and technical content automatically mapped to policies and updated as regulations change; automated technical and procedural controls assessments, and automated remediation ticketing. Control Compliance Suite allows you to continuously assess the controls in your environment, providing more accurate data for on-demand response to critical IT issues. It also simplifies the ongoing process of collecting data for audit requirements, greatly reducing the burden on your IT Ops teams, while providing your audit team with timely access to the data they need.

Learn More

The Four Key Stages

Control Compliance Suite addresses IT risk and compliance challenges through a four-step process:
Plan: Define what your business and IT risk objectives are. Create policies to be compliant with external regulations and best practice frameworks. Map policies to controls for multiple mandates to avoid redundant efforts.
Assess: Assess how you are performing against desired standards and controls. Identify deviations and vulnerabilities. Evaluate how well people are following policies. For a more complete picture, bring in data from other Symantec and non-Symantec solutions. Consolidate data in one central location for a 'composite view' of IT risk.
Report: Deliver Web-based dashboards and reports to drive action and accountability. Customize dashboards for different audiences - senior executives, business unit leaders, audit and IT operations. Visualize IT risks in business-relevant terms and model the impact of planned remediation activities over time.
Remediate: Prioritize remediation efforts based on business criticality rather than technical severity. Leverage Symantec Workflow to automate remediation ticketing for faster responses to the most urgent IT issues.
Visit the Control Compliance Suite product page to learn more.

Data Sheets