CA has released a new version of its risk management tool with a broader set of features meant to help companies take a more comprehensive approach to risk management and compliance.
In CA GRC Manager 2.0, CA has included a common risk management framework designed to provide a uniform set of risk-related metrics, assessment processes, identification and terminology for the entire organization.
"Since we first launched CA GRC Manager in 2007, we have been talking about helping our customers achieve a unified view of their GRC programs with a centralized repository of cross-referenced information about risk and compliance - this is the challenge that CA GRC Manager helps our customers overcome," said Tom McHale, vice president of Product Management of GRC Products at CA. "But, with this release, it's the first time we're talking about a common risk management framework across the enterprise."
"As a result, the customer benefits from consistent risk terminology, assessment processes, and specific risk metrics," he continued. "When everyone uses the same framework, you can dramatically improve collaboration, risk awareness and assessment, and overall risk decision-making."
Once the assessment is completed, users can leverage a new set of dashboards to monitor risks and track the trending of risk status over time. All this, McHale said, can help companies avoid taking a siloed approach to risk management, which can hurt overall security efforts.
"Things may appear to be at acceptable levels independently, but when added together create an enterprise wide risk problem," he said.
The latest version of the tool comes with a large library of enterprise risks, risk templates and aggregation that includes more than 200 pre-configured risk types. The product also features customizable automated workflow processes to allow assessments to be done more easily by people who have access to accurate and timely information related to individual risks. Comprehensive risk metrics are also designed to enable improved quantification of operational risks, CA officials said.
"You have the greatest level of visibility when a risk manager or business leader can actually see - with easy to use dashboards and reports - their current risk status, based on data that is provided by people on the front-lines," McHale said.