openPR Logo
Press release

MetricStream IT-GRC Solution Recognized by Leading Analyst Firm and Top IT Security Magazine

06-21-2010 09:42 AM CET | IT, New Media & Software

Press release from: MetricStream, Inc.

MetricStream IT-GRC Solution Recognized by Leading Analyst

MetricStream Inc., a leading provider of Governance, Risk and Compliance (GRC) solutions, that MetricStream IT-GRC Solution received a Promising rating in Gartner’s report entitled in, 2010 "MarketScope for IT Governance, Risk and Compliance Management". Coming on the heel of this report, Haymarket Media’s SC Magazine, the popular publication for IT Security Professionals, published a detailed product review of MetricStream IT-GRC Solution awarding it a 5-Star overall rating.

According to the Gartner report, authored by Gartner Vice Presidents and Distinguished Analysts Paul Proctor and Mark Nicolett, “IT GRCM products support operation risk management through functions that measure, manage, and report on IT-centric technology and process controls. Organizations can use IT GRCM products to document and assess their IT-centric technology and process controls.” As per Gartner, the core IT GRCM functions are: controls and policy mapping, policy distribution and training attestation, IT control self-assessment and measurement, IT GRCM asset repository, automated general computer control (GCC) collection, remediation and exception management, compliance reporting, IT compliance dashboards and IT risk evaluation.

“There is a clear convergence of IT-GRC and Enterprise GRC as the two are intertwined. Our customers are reaping the benefits of adopting a common platform for GRC that can gather and report risk and compliance information across the enterprise spanning IT, operations, legal, compliance, finance and supply chain functions,” said Gaurav Kapoor, CFO and General Manager at MetricStream. “We believe Gartner’s report confirms our position in the market and our commitment to providing customers with an integrated GRC Platform designed to help them achieve better business performance.”

MetricStream provides a comprehensive IT-GRC Solution with rich capabilities for:

* Asset Discovery
* Vulnerability Assessment
* IT Risk and Policy Management
* Continuous Compliance Monitoring
* Entitlement Lifecycle Management
* Automated Remediation

MetricStream IT-GRC solution allows customers to effectively manage policies, risks, control objectives and controls - for compliance with IT standards and best practices such as Cobit, ITIL, ISO 27002, FFIEC, NIST and industry regulations such as NERC, PCI, HIPAA, BASEL II, FISMA , GLBA and SOX. The solution is integrated with control and audit automation infrastructure to respond to real-time threats, incidents and vulnerabilities. With its open architecture and powerful Infolets - user-configurable adapters for rapid integration - MetricStream effectively connects with infrastructure systems and applications for network scanning, security monitoring and device management to enable seamless capture of incidents and vulnerabilities, real-time risk assessments, continuous control monitoring and efficient response management. It supports automating risk identification, assessment and mitigation processes based on IT asset profile and impact on business.

Customer can further reduce complexity and costs by leveraging Network Frontiers Unified Compliance Framework (UCF) ( database which maps and harmonizes more than 2,500 IT control statements to more than 400 regulations, standards and frameworks. The solution’s entitlement management capabilities record identity conflicts and segregation of duties issues for increasing effectiveness of IT governance initiatives. Salient features that enable a risk-based approach to IT-GRC include:

* Continuous scanning and monitoring of the IT infrastructure
* Sophisticated IT policy management - from IT SOPs to device level policies with mapping to assets
* Lightweight Infolets - user-configurable adapters for rapid integration
* Integrated IT risk and analytics with business risk and governance
* Linking compliance and risk objectives with IT security threats and business policies
* Managing issues and track compliance to various industry and security standards
* Policy enforcements in dedicated as well as virtualized environments
* Entitlement management with role-based identity and Segregation of Duties (SoD) management

According to Michael Lipinski of SC Magazine, “(MetricStream’s) ability to report on a risk and correlate it right down to the list of specific controls in various regulatory bodies was great. Most organizations are subject to more than one legal or regulatory requirement, and the ability to quickly group and summarize risk to the combined controls is very helpful.”

Within the realms of IT Risk Management (, Vendor Risk Management (VRM) and Business Continuity Planning (BCP) are becoming a core competency for organizations to ensure that they have a contingency plan in place to support their business should the worst happen or the vendors supporting their mission-critical systems fails them. MetricStream IT-GRC solution suite includes a comprehensive VRM application to help institute a repeatable and sustainable vendor risk and compliance management program to assess, analyze, mitigate and monitor vendor risks against internal policies as well as industry standards and regulations.

MetricStream also provides an integrated and flexible framework for embedding BCP in the risk management model and streamlining BCP lifecycle stages of analysis, design, implementation, testing and acceptance and maintenance based on industry standards such as BS 25999.

MarketScope Disclaimer
The MarketScope is copyrighted 2010 by Gartner, Inc. and is reused with permission. The MarketScope is an evaluation of a marketplace at and for a specific time period. It depicts Gartner's analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the MarketScope, and does not advise technology users to select only those vendors with the highest rating. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About MetricStream
MetricStream is a market leader in Enterprise-wide Governance, Risk, Compliance (GRC) and Quality Solutions for global corporations. MetricStream solutions are used by leading corporations such as Pfizer, Philips, NASDAQ, UBS, SanDisk, BP, Subway, Fairchild Semiconductor, Hitachi and TaylorMade-Adidas Golf in diverse industries such as Pharmaceuticals, Medical Devices, Automotive, Food, High Tech Manufacturing, Energy and Financial Services to manage their quality processes, regulatory and industry-mandated compliance and corporate governance initiatives, as well as by over a million compliance professionals worldwide via the portal. MetricStream is headquartered in Palo Alto, California and can be reached at

Contact Address:
MetricStream, Inc.
2600 E. Bayshore Road
Palo Alto, California 94303
United States
phone: 650-620-2900

This release was published on openPR.

Permanent link to this press release:

Please set a link in the press area of your homepage to this press release on openPR. openPR disclaims liability for any content contained in this release.

You can edit or delete your press release MetricStream IT-GRC Solution Recognized by Leading Analyst Firm and Top IT Security Magazine here

News-ID: 135669 • Views: 1517

More Releases from MetricStream, Inc.

Risk-based Auditing Workshop at the 12th Annual Regional Gulf Audit Conference
April 05, 2011 | Palo Alto, California: MetricStream Inc., the market leader in enterprise-wide Governance, Risk and Compliance (GRC) solutions, today announced its participation at the 12th Annual Regional Gulf Audit Conference. Organized by the UAE Internal Audit Association, the conference will be held in from 3rd -5th April, 2011 in Dubai, UAE. MetricStream will be participating in the conference and showcasing its market-leading internal audit solutions. The company will
MetricStream CEO Shellye Archambeau to Present a Session on Automating Informati …
MetricStream CEO Shellye Archambeau to Present a Session on Automating Information Security Risk and Compliance Processes at AGC's 7th Annual West Coast Emerging Growth Conference MetricStream, Inc., the market leader in enterprise-wide Governance, Risk and Compliance (GRC) solutions, today announced that its CEO, Shellye Archambeau, has been invited to speak at the 7th Annual Information Security and West Coast Emerging Growth Conference. Organized by America's Growth Capital (AGC), the conference will
A Fortune 500 Leader in Financial Planning Services and Consumer Lending Selects …
MetricStream Inc., the market leader in enterprise-wide Governance, Risk and Compliance (GRC) solutions, today announced that one of the largest financial planning and advisory services companies in North America has chosen MetricStream GRC Platform to manage its risk, compliance and audit requirements. MetricStream GRC solutions will enable the client to streamline the management of Operational Risk, IT Policy and Risk, audit management, and compliance with regulations such as Sarbanes-Oxley (SOX).
MetricStream to Host a Webinar on Succeeding at Governance, Risk and Compliance
MetricStream, Inc., the market leader in Enterprise Governance, Risk and Compliance (GRC) solutions, announced today that Michael Rasmussen – Risk and Compliance Advisor, Corporate Integrity, will join Gaurav Kapoor - CFO and General Manager, MetricStream, in a webinar on ‘Succeeding at Governance, Risk and Compliance (GRC). About the webinar With Governance, Risk and Compliance Management becoming a core element of business strategy, siloed risk, compliance and audit approaches are giving way to

All 5 Releases

More Releases for GRC

GRC Software Market 2020 SWOT Analysis by Players: IBM, SAP, ProcessGene, Oracle …
The Global GRC Software Market 2020 Market Research Report is a professional and in-depth study on the current state of the GRC Software industry. Industry Overview: Updated research report on GRC Software Market by ‘Market Growth Insight’ delivers pivotal information on the market including drivers, restraints, challenges, and opportunities. The GRC Software report is useful to business owners, manufacturers, distributors, suppliers, marketing personnel, strategists, and customers since it helps them to understand
GRC Software Market Driving Growth in Recent Year 2026| ProcessGene, Continuity …
GRC (governance, risk management and compliance) software allows publicly-held companies to integrate and manage IT operations that are subject to regulation. Such software typically combines applications that manage the core functions of GRC into a single integrated package. Global GRC Software Market is expected to Huge growth with a during forecast period 2020 to 2026. Platforms software helps businesses monitor performance and relationships to minimize financial, legal, and all other liabilities.
Police Software Market 2017- DataDriven, PawnSafeBox, 911 Tech, Blackthorn GRC
Apex Research, recently published a detailed market research study focused on the "Police Software Market" across the global, regional and country level. The report provides 360° analysis of "Police Software Market" from view of manufacturers, regions, product types and end industries. The research report analyses and provides the historical data along with current performance of the global Police Software industry, and estimates the future trend of Police Software market on
GRC Expert Presents an Overview of the New Harmonized Version 10.0 of SAP Busine …
GRC Expert Presents an Overview of the New Harmonized Version 10.0 of SAP BusinessObjects GRC Solutions. Dedham, Massachusetts – September 21, 2011 SAPexperts posted a new article, “An Overview of the New Harmonized Version 10.0 of SAP BusinessObjects GRC Solutions” to its GRC Expert knowledgebase. This article focuses on the key developments within version 10.0 of SAP BusinessObjects GRC solutions. Among other aspects, a recoding of BusinessObjects Access Control application on the ABAP
GRC – Governance, Risk and Compliance
GRC is a recent acronym that has quickly spread among the senior management community around the world. Initially this was sparked by the fallout from a number of major corporate governance scandals, including those affecting Enron, Tyco and WorldCom; all of which led to the enactment of the US Sarbanes-Oxley Act and the concept of a more holistic view of Governance, Risk and Compliance. Interest has also grown rapidly in
BlueCross BlueShield of Tennessee Selects MetricStream for GRC
MetricStream, Inc., the market leader in enterprise-wide Governance, Risk, Compliance (GRC) and Quality Management solutions today announced that BlueCross BlueShield of Tennessee (BCBST), an independent, not-for-profit licensee of the BlueCross Blue Shield Association, has selected the MetricStream platform for deploying an integrated software solution for a broad range of business processes including governance, compliance, quality management, risk management, and corrective actions. The solution will enable BCBST to effectively meet obligations