Lumension Risk Manager 4.1 Shines a Light on Compliance
Review: After some study and setup, Lumension Risk Manager can be a powerful tool for IT administrators needing to monitor an organization's risk and regulatory compliance status.What's your organization's exposure to risk? Without a central location in which to keep track of your IT assets and risks they represent for your business, you may be more exposed than you realize. Enter Lumension Risk Manager, which can be a very effective tool for IT administrators charged with getting a handle on and building workflows around addressing risk and regulatory compliance issues in their organizations. If used properly and if the time is invested in setting up its data structures, Risk Manager can be a valuable tool for tracking exactly how and how well a corporation is mitigating its overall exposure to potential risks in its operation. However, the will to use it has to be part of the fabric of an organization, and staffers need to participate in filling out its surveys and monitoring their operations.
At the heart of Risk Manager is the Unified Compliance Framework, a model that was first developed by Network Frontiers and law firm Latham & Watkins and is now used by a variety of organizations (including Microsoft in its System Center Service Manager) to keep track of more than 400 compliance regulations. This framework is used to manage conflicting and overlapping compliance requirements and is the core of Risk Manager's scoring algorithms. The framework offers a model for applying a consistent and unduplicated view across regulations such as the Sarbanes-Oxley Act, HIPAA (Health Insurance Portability and Accountability Act), PCI (Payment Card Industry) and other standards that influence IT policies and procedures.