UAE News Online Main
Registration
Login
Main » 2013 » February » 12 » KuppingerCole Report Reviews IT GRC Market and Cites MetricStream as a Pioneer
3:00 PM
KuppingerCole Report Reviews IT GRC Market and Cites MetricStream as a Pioneer

Report Highlights Capabilities of MetricStream GRC Platform to Align Enterprise GRC with IT GRC

LONDON - Tuesday, February 12th 2013 [ME NewsWire]

(BUSINESS WIRE/ME NewsWire)-- MetricStream today announced that it has been named as a company with strong IT Governance, Risk, and Compliance (GRC) solutions in the KuppingerCole Vendor Report titled "MetricStream: Bridging the Gap Between Business GRC and IT GRC.” The report has been published by KuppingerCole, a leading Europe-based analyst company for information security both in classical and cloud environments.

Analyzing the IT GRC industry, the KuppingerCole report brings out the security and compliance challenges that organizations face due to the increased use of virtualization technologies and external IT services, as well as emerging and evolving compliance requirements. According to the report, "organizations are in a situation where they are confronted with exponential changes regarding outward-facing processes, users, and external IT services used.” What organizations require today is an IT GRC solution that is agile to business changes, integrates with enterprise GRC, manages evolving risks related to information security and compliance, and monitors business performance.

IT and cyber security risks are a growing concern for most European organizations. With the rise in media attention on privacy and data breaches, European companies are becoming aware of the risk of a data leak ending up in today’s more intense news environment and its impact on business.

Having evaluated the IT GRC market, KuppingerCole says that MetricStream’s strong and integrated portfolio of GRC solutions comes with well-defined controls, security features that address risks and threats arising from social, cloud and virtualization technologies, and capabilities that enable organizations to merge Information Security, IT Risks, and Enterprise GRC to drive business performance.

Says Vasant Balasubramanian, Vice President of Product Management at MetricStream, "KuppingerCole’s report is a testimony to our rich capabilities in IT GRC, and the innovations we have brought to the market to address complex security and compliance risks in an increasingly virtualized and mobile world.MetricStream’s IT GRC solutions enable organizations to harmonize GRC processes across the enterprise, align IT GRC with enterprise GRC processes, andintegrate bottom-up IT control processes with top-down risk intelligence.”

With the acquisition of vPanorama cloud GRC technology, MetricStream is enabling its customers to seamlessly manage regulatory compliance, privacy requirements, security threats, vulnerability risks, and performance metrics across the entire spectrum of virtual assets in the cloud, as well as on-premise virtual infrastructure.

Martin Kuppinger, Founder and Principal Analyst at KuppingerCole, says, "From the IT perspective, GRC has moved from technical system-oriented approaches towards information and service governance. We found MetricStream’s IT GRC solutions to be well-thought and mature based on parameters such as security, functionality, usability, integration capability, and interoperability. The platform also supports business requirements and integrates with other IT security and GRC point solutions to provide a complete enterprise GRC approach.”

The report also recommends that organizations looking for GRC solutions carefully evaluate GRC solution vendors. As per the report, "There are different vendors with fundamentally different offerings. While some provide Enterprise GRC solutions focusing on specific aspects of business, ignoring IT GRC, there are others who provide Enterprise GRC that support IT controls and integrate with specific IT GRC solutions. Organizations therefore need to evaluate and analyze GRC vendors based on whether the vendor’s roadmap is aligned with the evolutions in the business landscape and if the current offerings are mature enough to support the changing business requirements of organizations.”

Mr. Balasubramanian also goes on to say, "MetricStream has a strong track record in providing IT GRC solutions in the European market, the most recent being the implementation of the solution by one of the world's largest international online sports betting services provider. This is attributed to MetricStream’s understanding of the global markets and the specific GRC needs of organizations in different locations.”

Please click here to download the report.

About MetricStream

MetricStream is a market leader in Enterprise-wide Governance, Risk, Compliance (GRC) and Quality Management Solutions for global corporations. MetricStream solutions are used by leading corporations such as UBS, P&G, Constellation Energy, Pfizer, Philips, BAE Systems, Twitter, SanDisk, Cummins and Sonic Automotive in diverse industries such as Financial Services, Healthcare, Life Sciences, Energy and Utilities, Food, Retail, CPG, Government, Hi-tech and Manufacturing to manage their risk management programs, quality processes, regulatory and industry-mandated compliance and corporate governance initiatives, as well as several million compliance professionals worldwide via the www.ComplianceOnline.com portal. MetricStream is headquartered in Palo Alto, California with European offices in London, Paris, Milan and Basel and can be reached at www.metricstream.com.

Contacts

MetricStream

Mr. Vinay Bapna, 650-620-2955

pr@metricstream.com

Permalink: http://www.me-newswire.net/news/6884/en

 

Views: 367 | Added by: africa-live | Rating: 0.0/0
Total comments: 1
1 Ajmir  
0
Dear Michael,I could not agree with you more. After doing extensive recasreh and working with many customers over the last few years on this topic, it has become clear to me that the true vision of enterprise-wide GRC or enterprise-wide Performance Management can not be reached without destroying the boundary between the two. In my recent book, "Driven to Perform: Risk-Aware Performance Management from Strategy Through Execution", co-authored with Stephanie Buscemi and Denise Broady, we establish three key pillars that we believe are necessary to deliver on this vision.First, people mistakenly believe that performance, risk, and compliance management is primarily about finance. Yes, financial processes are heavily regulated and are often the first area companies turn to for managing performance and risk. But we demonstrate that performance management needs to be unified with risk and compliance management and interconnected across every line of business in order to truly be effective. We show these linkages across the entire value chain of an organization: From product development to procurement to supply chain to sales, marketing and service, also understanding the implications on all the supporting processes in finance, HR, and IT.Second, the processes of performance, risk, and compliance management are currently separate, making it impossible to establish effective governance. One part of the organization is worried about internal controls, another part is involved in risk management, another part is setting goals and doing planning, and most of the managers and employees in the organization are oblivious to all of these processes. In "Driven to Perform", we argue that these need to be unified into a single process-based framework. You can align people and processes through technology to actually tie together the ability to set your strategy and the corresponding goals, look at the risks that are relevant to achieving the strategy and instrument them with the appropriate KRIs, then placing the internal controls that will let you know if you are effectively mitigating those risks. These then become the management processes of the organization that allow customers to derive far greater value than each process would be able to achieve in isolation from the other.Third, in order for this approach to be effective, you have to embed the strategic processes into the execution processes. Once you have your strategy and your goals and your risks and controls linked together in a process-based framework, if you then keep them disconnected from the execution processes embedded in your transactive systems, there is much less value that can be realized. Organizations need to be able to layer their goals and risks and controls and the corresponding measurement infrastructure and superimpose them on the transactive processes that their ERP/CRM/SCM/HCM systems provide. Business Process Management technologies can provide a big piece of this puzzle, because it gives you the flexibility to modify your processes based on your strategic priorities.In summary, businesses need frameworks for governance that unify performance, risk, and compliance into a holistic process that can be extended across every part of the value chain of an organization and embedded into the daily activities of its constituents. "Driven to Perform" describes in great detail exactly how to accomplish this vision of Unified Governance.Best Regards,Nenshad Posted by Nenshad Bardoliwalla

Name *:
Email *:
Code *: