Security Associates Corp™
5218 Keller Ridge Rd.
Clayton, CA 94517
How information is gathered

ECM allows users to create an encrypted session into their profile to answer questions specific to their respective department or business unit within an organization. Security profiles are configured to allow various levels of access to data based on classification and privilege level of the end user.

One of the ways the system saves time is by reducing the amount of effort required to complete the interview process by utilizing a relational database function that facilitates populating all fields within the DSS from predefined occupational spreadsheets. Access controls allow managers to review questionnaires for completeness prior to final submission. Test conditions can be executed against all network assets, applications and polices using the broadest suite of tools on the market today. Methods for measuring these include:
  • Network based assessments
  • Host based assessments
  • Application based assessments
  • Security policy assessments
  • Business policy assessments
  • Compliance and certification assessments

In addition to incorporating its own scanning products, ECM™ also interoperates with legacy asset management solutions, application scanning solutions, host based scanning products, and network based scanning products. By leveraging what the customer has already acquired, ECM™ reduces the cost of technology ownership.

Policy Assessments

Policy assessments are a tedious task requiring experienced consultants and compliance managers with years of industry experience in vulnerability assessments and regulatory compliance. With ECM’s policy assessment engine you plug in your existing policies, answer required questions and receive complete datasheets on out of compliance issues or industry updates. Not only does ECM identify out of compliance remediation plans it also provides actual policies. There is also a policy enforcement module available.

Automated Reporting & Customization

Reporting with ECM™ is performed by identifying and prioritizing all out of compliance conditions. Once identified these conditions are prioritized based on a ranking system created by each business unit leader or stakeholder. By allowing the manager to identify and rank business processes and information asset associations, vulnerabilities and out of compliance conditions receive the most accurate ranking according to the organization. Where standards take precedence, these findings can supercede organizational rankings depending on the type of report requested from the system.

With a customizable configuration wizard, privileged users can create and update industry standards, questions, consequences, and even modify policies in real-time. With over 10, 000 questions amongst three databases within the DSS, users can be assured they have the most comprehensive assessment solutions on the market today.

The Screenshot below is a capture of ECM’s customizable dashboard that allows the user to select from a multitude of environments and determine what test conditions should be run against those environments

Enterprise Compliance Manager™ - Click to enlarge

(Click to enlarge)

   © 2011       Copyright Security Associates Corp™