Through continuous monitoring, prioritization, and automation you can respond to business risks in real time. Automate inefficient processes across your extended enterprise by combining security, IT and risk capabilities into one integrated program.
Effectively detect and assess the likelihood and potential business impact of an event based on data aggregated across your extended enterprise, and respond to critical changes in your risk posture.
Policy and Compliance
Automate best-practice lifecycles, unify compliance processes, and provide assurances around their effectiveness.
Scope and prioritize audit engagements using risk data and profile information to eliminate recurring audit findings, enhance audit assurance, and optimize resources around internal audits.
Vendor Risk Management
Institute a standardized and transparent process for managing the lifecycle of risk assessments, due diligence, and risk response with business partners and vendors.
Integrates seamlessly with ServiceNow® Policy & Compliance, CMDB and Security Operations.
Data Protection Impact Assessment (DPIA) module
Provides ability to perform a DPIA screening questionnaire for new projects or existing assets. Key components of the module include: Capability for 3rd Party vendor assessment, configurable risk calculation engine and dynamic workflows.
A ServiceNow portal providing user engagement to support Subject Access Requests as well as act as an entrance point for employees engaged in assessments and impact assessment screening.
Record of processing activities module
Article 30 of the GDPR requires the documentation of processing activities under its responsibility. This module provides the necessary structure and relationships to allow for this record.
Subject Access Request fulfilment (SAR) moduleNice Prices And Gifts
Comprising of a front-end exposed via the above-mentioned portal the SAR module provides a generic accelerator for the requirement to allow and respond to Subject Access Requests.
Data Breach Incidents module
Provides the core functionality required to show compliance to article 33.
Ability to document information layers
The classification of the CMDB (Asset) data to identify Configuration Items (CI's) that process or store PII data.
Administrative configuration elements and data properties influence data presented to the user in the core modules SAR, DPIA, Record of Processing Activities, and Data Breach Incidents.