Press Releases

Unedited news and product information from vendors.

Independent Analyst Firm Enterprise Management Associates Recognizes Brabeion Software Among New Class of Solutions for Strategic IT Governance, Risk and Compliance Management
Sep 19, 2007 (10:09 AM EDT)


MCLEAN, Va., Sept. 19 /PRNewswire/ -- Brabeion Software, a leader in IT Risk and Compliance Management, today announced it has been recognized by leading independent IT management research and consulting firm Enterprise Management Associates (EMA) as a driver of a new class of technologies and tools answering the demand for best practices in strategic IT risk management. In the groundbreaking study, "Governance, Risk, Compliance and Beyond: The Emergence of Strategic IT Risk Management," EMA finds that IT risk management is no longer strictly about mitigating the negative threats surrounding IT. The introduction of numerous regulatory and compliance measures has raised the challenge to the level of mandate: businesses must adopt a more consistent and comprehensive approach to IT governance. The key to achieving this mandate is adopting a more disciplined approach to IT control objectives and measurement.

"Building consensus on risk management priorities is essential to shaping and defining an IT risk management strategy. Without this approach, the business has no real visibility into its actual exposure to risk. Such has been the case with companies that have sustained brand damage or outright collapse due directly to risk management failures in IT," commented Scott Crawford, Research Director for EMA. "Tools that enable the business to build consensus on risk priorities, control objectives, and what we call the 'three P's' -- policy, process and procedure -- are therefore becoming foundational among today's converging strategic IT risk management market segments. These segments include IT service, operations and security management; IT GRC management systems; business and financial GRC tools; and enterprise application platforms. Of these segments, it is largely the IT GRC specialists such as Brabeion that are setting the pace when it comes to integrating policy and process lifecycle management with environment monitoring, modeling and control validation in IT."

According to the study, the concept of a strategic approach brings coherence to the enterprise. IT risk management is no longer limited to a set of technologies or meant to meet a single regulatory mandate. It seeks to unify siloed approaches to managing security, business, technology and trust risks -- aligning them with strategic business objectives to enable the enterprise to consistently manage and measure their control.

"The IT risk management tide is shifting from the focus on mitigating security threats and vulnerabilities toward the broader concept of managing IT controls," said Yo Delmar, CMO for Brabeion Software.

Added Steve Schlarman, Brabeion's Chief Compliance Strategist, "Brabeion's comprehensive knowledgebase of IT policy, procedure, and controls, tied to automated testing technologies provides unique bi-directional traceability from business and legislative requirements right through to configuration and compliance risk across people, process and technologies -- which is what customers need to streamline IT risk management and meet governance and regulatory compliance mandates."

To read more about the report visit http://www.brabeion.com/ema_report .

About Brabeion Software

Brabeion helps organizations achieve and sustain compliance and optimally manage risks through full policy, procedure and controls lifecycle management powered by comprehensive information risk and audit content developed and maintained by our team of domain experts, in collaboration with strategic partners including PricewaterhouseCoopers LLP, IT Governance Institute, Microsoft Corp, Oracle Corp and others. Brabeion's IT Risk and Compliance Management platform dramatically reduces risk and improves compliance while lowering assessment costs by leveraging the reuse of tests across all audit requirements through integration with assessment technology and manual surveys. Brabeion is a member of the Information Security Forum (ISF). Brabeion solutions are successfully deployed across a wide range of vertical markets including Financial Services, Retail, Energy, Healthcare, and Government. Customers include Chevron, CIT Group, DirecTV and Guardian Life Insurance.

For more information, visit http://www.brabeion.com .

Press inquiries: Melanie Elliott, Brabeion Software, tel: +01 703 752 9300; email: melanie.elliott@brabeion.com or Leslie Kesselring, Kesselring Communications, LLC, tel: +01 503 656 2847; email

The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

CONTACT: Melanie Elliott of Brabeion Software, +1-703-752-9300, melanie.elliott@brabeion.com; or Leslie Kesselring of KesselringCommunications, LLC, +1-503-656-2847, , for BrabeionSoftware

Web site: http://www.brabeion.com//