RiskVision Makes Risk Visible,
Measurable, and Actionable
Achieve situational awareness with Agiliance
of the world’s most renowned organizations – make headlines every day. At the same
time, the worst economic downturn since the 1930s has focused intense attention
key to addressing these complex, interlocking problems: a context-aware, scalable
risk management solution that enables you to make risk visible, measurable, and
RISKVISION APPLICATIONS
RiskVision™, a purpose-built Risk Management platform, allows you to transform your
Enterprise Risk Manager
Identify, assess, and mitigate
risks across business units and
domains
by three key factors: compliance posture, threats and vulnerabilities, and business impact. Agiliance
RiskVision aggregates critical information about your compliance posture with current, new, and
emerging threats and calculates impact on your business operations to action remediation and
Policy Manager
Centralize, standardize, and
automate policy life cycles
with a holistic view of your organization’s risk posture, RiskVision harmonizes multiple risk
frameworks to marry top-down risk modeling with bottom-up controls automation.
Compliance Manager
Map controls across multiple
regulations and automate the
assessment process
Vendor Risk Manager
Reduce time and cost managing
vendor risk and third-party
programs
Incident Manager
Track, classify, respond, and
route incidents as they occur
organization-wide
Threat and Vulnerability
Manager
Create risk-based business
responses to mitigate threats
and vulnerabilities
TESTIMONIAL
“RiskVision has empowered our riskmore strategic plane.”
Murray Walton
Fiserv
CSO Magazine, April 2012
Real-Time Context and Visualization to Action all Enterprise Risks
RiskVision enables you to shift your team of risk tacticians and number crunchers into enhanced
roles as risk strategists, giving risk owners a much greater effect on the organization and prove
to regulators that you have rigorous processes in place to identify, understand, control,
remediate, and monitor your risk and compliance posture. To meet board and auditor
requirements, your risk personnel need data and workflows to model inherent risk, monitor
current risk, and achieve residual risk posture. RiskVision makes this possible by layering
Real-Time Context™ on top of enterprise risk management data to offer unprecedented
visibility and actionable intelligence to risk owners.
Using RiskVision, your Security Operations Center (SOC) and Network Operations Center
(NOC) collaborate to replace manual processes for security intelligence, business prioritization,
and physical or virtual asset and application risk remediation. RiskVision integration with
leading tool vendors enables you to continuously monitor and map security controls, threats,
and vulnerabilities to enterprise risks; dynamically prioritize key risk indicators (KRIs) based on
actions to be executed based on policies. This saves $10s of millions annually otherwise spent on
manual ticketing, errant mitigations, plus cyber-attack and insider breach losses.
Continuous Compliance to Achieve Auditor Readiness
RiskVision pre-maps all controls mandated by regulations and frameworks such as FFIEC,
GLBA, SOX, PCI, HITECH/HIPAA, NEI, NERC CIP, ISO, COBIT, NIST, DISA-STIGS, FISMA, Shared
Assessments, FedRAMP, and CSA in its Common Control Framework™. The solution leverages data
documenting views into those domain compliance postures. RiskVision enables a “test-once,
comply-to-many” approach to manage multiple regulations simultaneously. As a result,
RISKVISION KEY BENEFITS
• Real-time context and visualization to
action all enterprise risks
•
SOC with your NOC
Closed-Loop Risk Remediation
Utilizing patented intellectual property inside RiskVision, you can identify, monitor, and
mitigate risks using “what-if” risk simulation, automated evidence gathering, risk assessments,
and dynamically applied policies and controls to physical and virtual groups. You also protect
your investment in existing best-of-breed IT and security tools. Instead of replacing them with
sub-par suites, the open RiskVision platform features more than 50 interconnections with leading
• Continuous compliance to achieve
auditor readiness
well as data loss prevention, ticketing, and patch management tools. This allows you to overcome
• Closed-loop risk remediation
• Built-to-scale platform
• Time-to-value solution
RISKVISION SAMPLE USE CASES
• Organizational risk management (based on
ISO, Risk IT, OCTAVE Allegro, COSO)
• OTS-OCC audit management
• Financial SOX audit management
• IT SOX audit management
• Business continuity plan management
• Enterprise risk assessments
• Cloud risk assessments
• Project IT assessments
• Privacy impact assessments
• Security policy assessments
• Third-party assessments
• Environmental impact assessments
• Operational safety assessments
• Continuous monitoring (NIST SP 800-137)
• IT risk data calls
•
• IT risk breach management
• FFIEC compliance
• FISMA compliance (NIST SP 800-53)
•
accreditation
•
•
•
• Audit gap analysis
• NEI cyber security 08-09, 10-09
• Risk-based incident response
• Incident investigation management
• Policy distribution and attestation
• Continuous IT control assessments
• Regulatory compliance reporting
RiskVision Inc.
840 W California Avenue, Suite 240
Sunnyvale, CA 94086 USA
+1 408.200.0400
[email protected]
Built-to-Scale Platform
RiskVision solves your big data analytics problem, where massive amounts of data need to be
aggregated and correlated, with a discovery-based risk management database (RMDB),
time-proven data schema, and dynamic risk grouping. This resilient approach scales with your
business, effectively managing data, assets, people, and processes to achieve 100 percent risk
and compliance coverage. Tiered physical and virtual server deployment plus clustering is
designed for massively scaled deployments. RiskVision has field-proven success in scaling with
key performance indicators covering 10s of thousands of live assessments, threats and incidents
and 100s of thousands of continuously monitored assets, vulnerabilities, and attestation users,
conducting more than 100 million weekly checks.
Time-to-Value Solution
With the RiskVision DashBuilder™, AppBuilder™, scripting tools, risk catalogs, and over 50
content sources, you can configure and customize your domain frameworks without
compromising time-to-value, and upgrade from release to release in a matter of days, not
months. In addition to the platform’s built-in flexibility, RiskVision delivers best practices guides
derived from more than 100 successful field deployments, empowering you and your service
providers to deploy quickly. Normally, two major use cases take 60 days for an on-premise
deployment and 30 days for an on-demand deployment, supplemented by pre-built and
maintained content libraries and data connectors.
System Requirements
System
Server Requirements
Operating System Microsoft® Windows Server 2003 R2
Standard x64 Edition or Microsoft Windows
Server 2008 R2 Standard x64 Edition
Browser
Mozilla Firefox, Microsoft Internet Explorer
7.x, 8.x, or 9.x
Database
MySQL 5.5.23 or Oracle 11g (11.2.0.3)
Hardware
Minimum
Processor
2 Dual-Core Xeon 2.33 GHz
Memory
6 GB
Display
1024 x 768
Client Requirements
Microsoft Windows XP, Microsoft Windows
Vista, or Microsoft Windows 7
Mozilla Firefox, Microsoft Internet Explorer
6.x, 7.x, 8.x, or 9.x
Recommended
2 Quad-Core Xeon 2.66 GHz
8 GB
1280 x 1024
About RiskVision
RiskVision develops comprehensive risk intelligence solutions for the enterprise. The highly
decorated RiskVision platform is the industry’s first risk intelligence solution designed for today’s
real-time, big data, threat-centric world. RiskVision’s architecture and design delivers the industry’s
best usability, scale, automation and time-to-deployment advantages – at a fraction of the cost of
traditional solutions. CIOs and CROs of the world’s leading organizations and government agencies
rely on RiskVision including AXA Group, Cisco, Deutsche Bank, E*TRADE, Exelon, First Data, Fiserv,
HCL, Novartis, Roche, Safeway, Sheetz, Southern Co., Time Warner, United Health Group, U.S.
Departments of Defense, Health & Human Services, Justice, and Veterans Affairs, and dozens of
other clients worldwide.
This document is provided for information purposes only and the contents hereof are subject to change without notice. This document is not
warranted to be error-free, nor is subject to any other warranties or conditions, whether expressed verbally or implied by law, including implied
warranties and conditions of merchantability or fitness of a particular purpose. RiskVision and/or other noted RiskVision related products
contained herein are registered trademarks or trademarks of RiskVision, Inc., and/or its affiliates in the U.S. and/or other countries. Any other
non-RiskVision related products, registered and/or unregistered trademarks contained herein is only by reference and are the sole property of
their respective owners. © 2016 RiskVision, Inc. All rights reserved.