Strengths: Very strong risk management with a lot of traditional GRC wrapped around it.
Weaknesses: Nothing major that we saw.
Verdict: The website provides all of the resources you would want. If you want to take a technical, risk-focused approach to GRC, this may be the tool for you.
Agiliance RiskVision is a hybrid application. It has many of the aspects of a traditional GRC platform and many of the technology-centric attributes. But, for all of that, it is biased toward risk management, albeit with many other GRC trappings. Agiliance differentiates risk into two types: operational and security. The RiskVision tool addresses both. It also sports a closed loop remediation capability. This is a scalable product with Agiliance boasting 191 million control checks daily at a single account. It is optimized for Big Data - high variability, high variety, high velocity and high veracity or validity.
RiskVision is built on an open platform architecture. It applies applications for managing risk, policy, compliance, vendor risk, incidents and threats. Driving these applications is the Agiliance Big Data risk platform that contain all of the pieces that the applications need to function together. The platform consists of a set of business interfaces, which takes care of things such as reports, dashboards and tasks. There are several engines as well covering workflow, visualization, risk and scoring correlation and analytics, among others. Finally, there is the integrated risk model that contains all of the organisation's building blocks, such as assets, policies, controls, evidences, etc.
Integration with third-party products is accomplished through the smart connector interface. This covers more than 70 different connectors. We dropped into the application's "Welcome" screen, which really is the vulnerability dashboard. This covers the types of things that we expect to see in a vulnerability dashboard - with the exception that the visualisation is superior to what one might expect. Most charts are colorful, making it easier to differentiate important information.
There are many assessment programs that take care of pulling the appropriate report elements together to give a clear picture of risk and compliance. These assessments can be mapped into workflows using a flow chart built into the tool that translates the workflow diagram into action. The tool has a complete vulnerability management system, a ticket management system, and full closed loop remediation - the vulnerability is discovered, remediated and retested before the ticket can be closed.
Price is moderate but considering the value it certainly is not out of line. The website provides all of the resources you would want - except a knowledgebase - and we understand that is in the works. Agiliance's collection of FAQs, best practices and typical deployment scenarios allows customers to browse for fast self-help and learning. There is a pretty good collection of white papers and other materials as well. Standard eight-hours-a-day/five-days-a-week support is provided with the product and 24/7 can be purchased for a £5,000 per year subscription fee.