Citicus ONE vR.4.0
June 02, 2014
From £8,910 annually for SaaS or £14,850 perpetual license for initial deployment.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Visualisation tools, enhanced workflow tools.
- Weaknesses: Custom reporting needs to be done outside of the tool.
- Verdict: Very good solution for enterprise risk and compliance management.
Users can easily configure the control assessment framework based on their local security policies and regulations or can use the extensive built-in control libraries covering areas such as ISO27001, PCI-DSS, ISF SoGP, NIST, vendor assessment/third-party, physical security and SCADA requirements. This version has full support for industrial control and real-time processing systems, including the updated content for DHS and NIST.
Citicus ONE uses a common, research-based approach for evaluating risks of different types enabling all enterprise risk data to be brought together into a single, consistent picture. With the workflow tools users can select which targets of valuation to assess; identify owners and set them up as users of the system and quickly control the role-based access they will have; issue criticality assessments, risk scorecards and checklists that owners and others can complete online; automate the risk management process and the email-integrated workflow capabilities that includes alerting to manage the response process; and consolidate collected risk and compliance data into informative results for all stakeholders. The process is completely UI driven, and simple pull-down menu controls drive the entire process.
Remediation planning is supported through recording risk and compliance issues and the specific action required to resolve these. Actions can be assigned to individuals, and then costed and tracked to completion. Completion of remediation activity automatically updates compliance and risk ratings. Incident reporting templates are available and can be customised to one's needs. Using remediation and incident management tools users can quickly automate the linkage of actions to specific controls.
Reporting has been updated in this version. Reports are largely graphical and interactive and include dashboards, risk and compliance league tables, heat maps, trend reports and risk dependency maps. Too, there is great detail in the dashboard format, which is nicely laid out with drill-down access to detailed data. The entire workflow functionality was redone and new in this version. The changes have made the product easier to use and help you quickly leverage the power of the tool
Citicus ONE is available as both an installable software product and as an in-the-cloud hosted service. It runs on Microsoft Windows Server 2008 and requires Microsoft SQL Server 2005/2008. It also is fully Active Directory integrated to allow for easy user import into the tool.
The documentation is integrated with the software and is nicely laid out. Ten-hours-a-day/five-days-a-week software support and maintenance (including software upgrades) for the first 12 months is included in the initial license fee. Thereafter, software support and maintenance is charged at 18 percent of the license fee. For hosted (SaaS) implementations, software support and maintenance is included in the annual service charge.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Information Security Risk Manager, £45-55k + bens
Infosec People - West Midlands, England, Coventry
SOC Analyst, Aldershot, £55-63k + benefits
Infosec People - England, Aldershot, Hampshire
Security Architect, Cardiff - to £70k Basic
Infosec People - Cardiff, Wales
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Sign up to our newsletters
SC Magazine UK Articles
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Met Police grab suspect with phone unlocked to get hold of data
- Cyber-security must reflect risk not just regulation
- Data centres are on the move - where will they end up?
- Same fate befalls Post Office broadband as hit DT?
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Over 400,000 phishing sites have been detected each month in 2016
- TalkTalk customers urged to get routers swapped over hacker fears
- Report: Mirai 'is just the tip of the iceberg'
- Avalanche takedown involved searches in 40 countries
- India Supreme Court calls on tech giants to curb sexual assault, cyber-crime