Cost-Effective Security Compliance Monitoring

This application provides continuous monitoring and periodic testing of the network and IT security environment to detect changes that could compromise IT security compliance. The application focuses on the monitoring of three critical network events, mapping the response to the business processes and controls embedded in the SAP GRC application, including:

• Unauthorized firewall configuration changes
• Firewall policy violations
• Network penetration attempts.

It would be an enormous burden for an enterprise to meet regulatory requirements without this continuous monitoring and testing, requiring that the enterprise either verify manually the data coming from countless sources or deploy point solutions. Either task is equally onerous. This is expensive and time consuming even if businesses focus only on reporting compliance for Control Objectives for Information and Related Technologies; it becomes unsustainable when you consider the multitude of other issues and requirements that are typically encountered.