FFIEC News

Agiliance Joins Financial Institution Shared Assessments Program

(April 24, 2007)-- Agiliance, provider of IT Governance, Risk and Compliance (IT GRC) solutions, today announced the company's participation in the Financial Institution Shared Assessments Program. Demonstrating its ongoing commitment to a standards-based approach for all compliance initiatives, Agiliance has integrated the Program's Agreed Upon Procedures (AUP) in its on-line documentation library and has implemented full support and automated workflow for the Standard Information Gathering (SIG) Questionnaire.

With this tight integration, Agiliance workflow, tabulation and reporting capabilities automate the entire Shared Assessments Program data collection and correlation process. Using Agiliance's product, financial services organizations will no longer have to manually e-mail the SIG questionnaires to multiple service providers, follow-up with each one individually, and manually tabulate each response to compare against acceptable compliance controls.

The Financial Institution Shared Assessments Program was created by BITS, a nonprofit, CEO-driven industry consortium whose members represent 100 of the largest financial institutions in the U.S., to assist financial institutions in streamlining the service provider security assessment process. The Standardized Information Gathering Questionnaire allows financial institutions to create a detailed snapshot of the security controls in place at service provider locations. The AUP document provides 45 control points that can be used to create detailed reports.

Agiliance already offers financial institutions a common policy and control set that supports all major regulations and standards.

According to Gartner in its 2006 Planning Guide for Compliance: Risk-Orientation, Standardization, and Automation, written by Christine Adams, French Caldwell and Tom Eid in April 2006, "Through 2011, companies that pursue an integrated strategy of a risk-oriented approach to compliance, standardization of controls and automation will reduce the scope of manual process controls by 70 percent and will get the most collateral business value from their compliance."

"By joining the Shared Assessments Program and deeply integrating its standards into our solution, we ensure Agiliance IT-GRC continues to provide financial institutions with a highly strategic asset for quantifying and managing risk and helping them to achieve compliance," said Pravin Kothari, CEO of Agiliance.

Agiliance, recently named as one of Dark Reading's "10 Hot Security Start-ups," is first to deliver a fully integrated IT Governance, Risk and Compliance software solution designed from the ground up for IT organizations. Agiliance IT-GRC enables global enterprises to define and manage security policies, measure and manage risk, use standards and automation to lower costs, and achieve sustainable compliance with multiple regulations, industry mandates and internal policies. Agiliance solutions are used by leading organizations to drive and manage initiatives such as IT risk assessment, vendor security assessment, security configuration monitoring, compliance with regulations such as SOX, GLBA and PCI, and migration to standards such as ISO 17799/27001.

Share or bookmarklet this web page at: