June 23, 2010
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Very complete GRC solution, easy to use
- Weaknesses: A bit pricey but provides a lot for the money
- Verdict: Strong GRC solution for large enterprises. Has all of the tools required to develop and manage a risk and compliance program. Recommended
Rsam v7.0 is a comprehensive, seventh generation risk and compliance management solution. It provides assessments, audits, compliance, control testing, enterprise risk management, incident management and issues remediation to threats, vulnerability and vendor risk.
Rsam is an out-of-the-box GRC management platform enabling organisations to seamlessly integrate and manage key elements of risk and compliance programs, including regulatory and standards-based assessments, data from existing scanning devices and ad-hoc auditor findings. It applies comprehensive risk analytics, generates metrics and dashboards and prioritises and manages the remediation of the resulting issues across repeated lifecycles.
It includes an intelligent survey system with out-of-the-box assessments, universal API import engine, strong workflow with risk analytics capability, advanced risk scoring and drag and drop dashboard creation.
Customers can choose to leverage Rsam's pre-populated, best practices frameworks (including ISO, NIST, CobiT, FFIEC, HIPAA, PCI DSS, BITS, GLBA and SOX), incorporate their own existing templates and processes, or any combination of the two.
All Rsam domains are mapped in the background allowing clients to assess targets once, and then map responses to multiple areas of compliance.
There was a lot of content provided with the base solution and it did a great job in providing the summarised, correlated view of risk with various standards and regulatory controls.
The user interface was clean and intuitive and provided a drag and drop-based tool for quickly creating question and response assessments. Full risk-based workflow tools are incorporated and include sign off/validation controls for awareness and auditing. The user interface puts a lot of useful information right at your fingertips and made it very easy to navigate.
Rsam supports imports from industry standard vulnerability scanners and inventories.
Support is available for a fee and includes phone, email and WebEx. It can be purchased either as client side software, which typically deploys in 40 to 60 hours, deploys on a Windows server and requires an SQL backend, or as a hosted SaaS offering.
At a price of £36,000, Rsam v7.0 may seem pricey but it provides all of the tools needed to develop and manage a risk and compliance program.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- The information security implications of M&A deals
- Cyber-security must reflect risk not just regulation
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success