TruSecure will announce a new version of its enterprise-class regulation compliance software this week, with new features including a graphical report card for companies trying to comply with (US) regulations.
Risk Commander 2.0, to be officially announced Monday at the Gartner IT Security Summit in Washington, D.C., is a software package designed to help enterprises comply with regulations and standards, including the Sarbanes-Oxley Act, which mandated accounting practice changes for public companies, and Gramm-Leach-Bliley, which contains privacy rules for financial institutions.
Risk Commander 2.0, designed with open application program interfaces (APIs), can import data from many sources and applications and provide compliance reports for several regulations and standards, including the ISO 17799 IT security standard, said Eric Cady, product manager for Risk Commander.
The first version of Risk Commander was focused on security risk management, while the 2.0 version added regulatory compliance modules for regulations, according to the company. Risk Commander 2.0, a J2EE application, allows users to answer questions via a Web browser to determine the company's level of compliance with regulations. Risk Commander gives users a graphical report card on compliance with the regulations or standards the user wants to test, Cady said.
Risk Commander is intended to give enterprises an objective analysis of compliance and risk issues, beyond human ratings that can contain errors, Cady said. The program generates compliance scores and recommendations through a series of dashboards, scorecards and reports that prioritize compliance, vulnerability and risk-remediation efforts. Customizable filters help users find compliance issues of interest to the organization, and Risk Commander generates a remediation task for every compliance issue identified, according to the company.
"With Risk Commander, I've now got something I can sink my teeth into," Cady said. "It takes the guesswork out of producing a set of results."
The cost of Risk Commander 2.0 starts at US$150,000 for an enterprise license with rights to run it on two CPUs (central processing units), including application servers. The product will be available next week.