Agiliance, Inc. an independent provider of Governance, Risk and Compliance or GRC solutions announced the launch of Agiliance Continuous Compliance Service or CCS for PCI.
Company sources said that the cloud solution can manage the entire PCI (News - Alert) life cycle to deal with problems of continuous consulting and transition to an approach of continuous compliance.
Agiliance CCS for PCI enables organizations to work on PCI compliance by starting on a small scale and continue building a world-class GRC.
The new requirements of PCI 2.0 specifies an organization to include virtualized environments, policy governance, risk remediation and 100 percent asset coverage to its existing security policies.
According to company officials the huge volume of data required to scope, analyze, mitigate, certify and maintain people, assets, data sets and applications by continuous consulting in combination with Microsoft Excel spreadsheets is not fully effective.
Verizon (News - Alert) revealed in its 2010 PCI report that only 22 percent of businesses achieve compliance at Initial Report of Compliance (IROC). Also an independent survey conducted by PSC Payment and Security Experts showed that this number falls to 18 percent within 60 days of certification. This will result in many companies striving to improve the way they operate and automate their PCI compliance process.
Michael Rasmussen, president of Corporate Integrity, a GRC strategy advisory firm said in a release, “Business is dynamic and in a constant state of flux-demanding that organizations have a continuous and intelligent approach to managing compliance in the context of a changing business.”
“Agiliance is an example of a vendor that is delivering on Regulatory Intelligence with its Continuous Compliance Service aimed at PCI compliance,” added Rasmussen.
Company officials added that Agiliance CCS for PCI is an optimized cloud that provides a complete set of content, tools and audit-ready reports that an organization and their auditors need for all five stages of the PCI compliance life cycle. This lifecycle encompasses scoping, gap analysis, remediation, certification and maintenance.
Also achieving compliance with the standard synergizes business processes and technology integrations for continuous monitoring and auditing. This further ensures full asset and data protection. Agiliance CCS for PCI does this and applies to PCI PA DSS 2.0 and 1.2.1 standards.
By using Agiliance CCS for PCI, organizations can certify 61 percent faster, save over 50 percent in costs, remove audit fatigue, improve reputation, achieve real-time monitoring of PCI compliance status and also provide current documentation, evidence and reports for both internal resources as well as external consultants.
Agiliance recently announced the release of the ArcSight (News - Alert) ESM (Enterprise Security Manager) connector for its flagship product, Agiliance RiskVision.
Shamila Janakiraman is a contributing editor for TMCnet. To read more of Shamila’s articles, please visit her columnist page.
Edited by Janice McDuffee