Aiming to help companies maintain a constant state of awareness regarding their compliance with government regulatory requirements and internal security policies, Brabeion Software on Oct. 24 introduced its latest software package.
The product, Compliance Manager, promises to help companies simplify and automate the process of monitoring and measuring compliance issues throughout their enterprise IT networks.
The set of applications released by Brabeion also promises to help businesses keep track of nontechnological compliance factors related to employee and business management processes, allowing users to build a baseline measurement of all their compliance policies by which to prioritize future work, said Brabeion officials in McLean, Va.
Brabeion is pitching its new product as the perfect complement to its Compliance Center software, which uses compliance auditing techniques created by PricewaterhouseCoopers to help companies create Web-based policy management systems. Compliance Manager offers to provide up-to-date online dashboards that take data garnered from Compliance Center that customers can use for comparing policies with their real-time ability to meet requirements and prepare for outside audits.
While a number of compliance-oriented technologies, including those made by much larger software companies such as Symantec and McAfee, promise to deliver the same types of information, Brabeion claims its tools are the first that will allow companies to aggregate data from compliance tools made by multiple vendors to get a truly high-level, real-time view into their ability to tackle emerging problems and remain ready for outside testing.
"Weve taken the IT auditing capabilities developed by PwC and added the ability for companies to directly reference regulatory guidelines within a framework of controls, and this allows them to create a system of workflows that gives them real-time information on compliance with everything from Sarbanes-Oxley to [Microsoft] Windows XP patching," said Julian Waits, CEO of Brabeion. "By helping companies stay aware of their compliance posture, Compliance Manager allows organizations to manage their readiness comprehensively so that they bring the entire IT audit process within their own domain."
Essentially, Brabeion contends that its products could replace high-priced services offered by consulting companies by allowing enterprises to test their own compliance and prepare for internal and external audits. The company does offer services, provided largely by consultants from New York-based consultancy PwC, along with the software to help companies lay the groundwork for working with its automation tools.
Brabeion officials said Compliance Manager is aimed specifically at organizations that face continuous audit cycles, whether because of the Sarbanes-Oxley Act, which aims to govern the sharing of sensitive financial data, or other industry-specific or business partner audits.
In addition, Brabeion said both internal and external auditors can use Compliance Manager to study specific regulations policy controls and get a better view into the current status of their related IT assets and any required remediation work. IT departments also can use the data to help prioritize remediation efforts and improve service and incident response times.
"The multiple audits that todays regulated enterprise faces are each unique and require an ongoing commitment of valuable resources," said Jay White, global information protection architect at Chevron, of San Ramon, Calif., in a statement "Brabeion is a fully realized system for [PLM (policy lifecycle management)], compliance monitoring and compliance reporting—essentially cutting the cost and cycle times for the audit process and enabling the company, not the auditor, to control the audit."