"For instance, Symantec Control Compliance Suite Risk Manager is one of the solutions to help automate many of the tasks in the four steps (referred to above) such as customised real-time reporting, workflow integration, and third party ticketing integration," he said. "Other solutions in the control compliance suite include CCS Policy Manager, CCS Standards Manager, CCS Vulnerability Manager, CCS Response Assessment Manager and the Symantec ServiceDesk."
He said the CCS 11 solution would help facilitate more effective communication around IT risk by allowing security leaders to customise dashboards with audience-specific risk metrics such as:
• Executive-level dashboards can illustrate high-level metrics, such as risk by business unit, or risk scores for mission-critical business processes.
- Security operations dashboards can drill down to examine technical details behind these risk scores.
- Dashboards for IT operations can outline detailed remediation plans and monitor risk reduction over time as scheduled remediation activities take place.
Lam said organisations could manage priorities remediation based on IT risk, rather than technical severity. "The CCS 11, which is expected to be available by mid-year 2012, also allows risk modelling as the system also scores different risks and helps to build a remediation plan."
Sign up for MIS Asia eNewsletters.