MetricStream Receives "Positive" Rating in Leading Analyst Firm's IT-GRC Management MarketScope Report

PALO ALTO, Calif., Nov. 9, 2011 /PRNewswire/ -- MetricStream Inc., a leading provider of enterprise-wide Governance, Risk, Compliance (GRC) Management solutions today announced that MetricStream IT-GRC Solution received a 'Positive' rating in Gartner's report entitled 'MarketScope for IT Governance, Risk and Compliance Management'.

"MetricStream IT-GRC Solution is empowering Information Technology and Security groups at corporations across the world to facilitate a fully-integrated, real-time, transparent and automated approach to IT risk and compliance management," says Shellye Archambeau, CEO of MetricStream. "We believe that Gartner's 'Positive' MarketScope rating affirms our strong position in the market and our rich product capabilities to enable customers to proactively measure and manage their IT and process controls."

According to the MarketScope report, "the core IT GRCM functions are: Controls and policy mapping, Policy distribution and training attestation, IT control self-assessment and measurement, IT GRCM asset repository, automated general computer control collection (configuration and vulnerability assessment), remediation and exception management, IT compliance dashboards and reporting and IT risk evaluation."

The report highlights the growing demand for IT GRCM technology with a greater emphasis on technology-related requirements, such as integration and management of automated control data from security and infrastructure tools. According to the MarketScope report, "The IT GRCM market benefits organizations that wish to automate and improve existing processes for measuring, managing and reporting IT controls that are ready for automation."

MetricStream IT-GRC solution ships with out-of-the-box integrations with various security and IT infrastructure applications, with pre-defined rules and interfaces to facilitate data import, export and functions such as risk and control scoring. This includes connectors for various IT security and infrastructure tools for Threat and Vulnerability Management, SIEM and Log Management, Segregation of duties (SoD) and User Provisioning, Incident Monitoring and Problem Management, Configuration Management, Operations and Asset Management, Network Virtualization and Scanning, Utility Smart Grid and Facilities devices. In addition, the solution ships with a wide range of IT regulations, standards, controls, and policy content that is regularly updated. This includes control standards such as CoBit, FFIEC, ISO 27001 and NIST-SP800, regulations such as BASIL II, FISMA, GLBA, HIPAA, NERC, PCI and SOX and security configuration policies from CIS, FDCC / USGCB and NIST.

Through these capabilities, MetricStream enables customers to perform real-time risk assessments, monitor controls continually, proactively detect and resolve incidents, and ensure compliance with the full spectrum of IT standards and regulations for data governance, security and privacy.

MetricStream IT-GRC solution is well-recognized for its flexible, work-flow driven and automated approach to managing end-to-end IT-GRC requirements. In addition, the company also enables a strategic, top-down approach that address requirements of business executive by integrating Enterprise GRC (E-GRC) and IT-GRC programs on a single, centralized platform. Such an approach integrates IT risk and compliance with financial, legal, HR and operational governance requirements from a measurement and reporting perspective to provide a holistic view for effective enterprise risk management (ERM).

"The increasing inter-relationships between E-GRC and IT-GRC indicate that Governance, Risk, Compliance for Business, IT and Security are converging," says Gaurav Kapoor, COO of MetricStream. "MetricStream is at the forefront of this trend, having already established a formidable leadership in the E-GRC space. By integrating Business, IT and Security GRC on a common platform, we are enabling customers to facilitate a holistic and sustainable top-down approach to GRC that focuses on performance and results. At the same time, the solution enables IT and IS managers to leverage bottom-up risk and control information such as vulnerability, patch and configuration control data."

* Gartner, Inc., MarketScope for IT Governance, Risk and Compliance Management, by Mark Nicolett and Paul E. Proctor, September 30, 2011

About the MarketScope report

Gartner does not endorse any vendor, product or service depicted in our research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About MetricStream

MetricStream is a market leader in Enterprise-wide Governance, Risk, Compliance (GRC) and Quality Management Solutions for global corporations. MetricStream solutions are used by leading corporations such as Pfizer, Philips, NASDAQ, UBS, SanDisk, Subway, Fairchild Semiconductor, Constellation Energy and Cummins in diverse industries such as Healthcare, Pharmaceuticals, Medical Devices, Automotive, Food, High Tech Manufacturing, Energy and Financial Services to manage their quality processes, regulatory and industry-mandated compliance and corporate governance initiatives, as well as by over a million compliance professionals worldwide via the www.ComplianceOnline.com portal. MetricStream is headquartered in Palo Alto, California and can be reached at www.metricstream.com.

Media contact:
Email: [email protected]
Phone: 650-620-2955

SOURCE MetricStream

WANT YOUR COMPANY'S NEWS FEATURED ON PRNEWSWIRE.COM?

440k+
Newsrooms &
Influencers

9k+
Digital Media
Outlets

270k+
Journalists
Opted In

GET STARTED