|
Spectra
Pressures on IT departments for compliance are increasing. The number of standards and regulations continues to grow, creating a maze of requirements and standards that can be almost impossible to reconcile. You need a team of experts to help you resolve the requirements into concrete controls and processes.
Spectra was developed by experts in regulatory compliance. In an easy-to-read compliance map, Spectra gives you the guidance you need to comply with a number of frameworks, standards and regulatory requirements. By showing requirements, guidance, controls and evidence of compliance in a single view, Spectra allows you to easily identify gaps in compliance and plan for their resolution.
Spectra reduces the cost and time involved in maintaining and achieving compliance, including all major aspects of compliance:
Policy management: Create or import policy documents, manage approval
process. Import dozens of documents at once and convert to Spectra
policies. E-mail distribution and acknowledgment.
Audit management: Create ad-hoc or recurring audits including detailed tasks. Capture audit results and assign issues for remediation. Powerful copy functions to clone audits and audit tasks.
Evidence management: Designate policies, documents, system files, or
attestations as evidence. Create and assign evidence tasks. Import
from security applications or network management tools.
Key Features:
- broadest support of regulatory mandates and industry standards to industry accepted codes of practice, including as ISO 27001/27002:2005; COBiT 4.0, FSA, and the Unified Compliance Framework (UCF)
-
an auditable, centralized repository for policies, audit records, evidence and controls creates a system of record for continuous compliance
-
compliance mapping demonstrates compliance for multiple regulations with a single process, SOX, PCI, SEC 40 Act, HIPAA, and NERC-CIP
-
role-based interface ensures separation of duties
-
automated traceability from regulatory mandates to objectives, controls and evidence
-
workflows for policy development and compliance attestations
Benefits:
- greatly reduces the time and cost of building and maintaining
policy and procedures for security, privacy programs and critical
business processes
- provides expert guidance, reducing the need for outside consultants
-
ensures the integrity of current and past compliance information
-
provides the ability to proactively manage risk as required by several regulations
-
improves audit tracking and reduces risk posture
-
seamlessly integrates into existing infrastructure
-
reduces audit cycle times
|
|
