How We Can Help
Ensure Regulatory Compliance
Get the peace of mind of knowing that your IT operations environment is always configured efficiently for regulatory compliance. The Correlata CorreAssess solution inspects and monitors your daily based IT operations and systems deployments, constantly validate that your IT environment is configured in the best way possible. It provides monitoring and risks alerts on policy violations and out-of-the-box audit reports.
Correlata platform supports cobit frameworks in the specific GRC domains:
Evaluate, Direct and Monitor (EDM):
Ensure Governance Framework Setting and Maintenance
Identify gaps between internal/external regulations and de-facto situation in the IT environment.
Ensure Risk Optimization
Complements traditional Security Risks by exposing Risks on potential unavailability of IT services and/or Risks on Data Recovery
Ensure Resource Optimization
Identify real Resource Optimization by correlating End-To-End chain of resources between IT layers, exposing connected and configured resources not providing /business value
Align, Plan and Organize (APO):
Manage Enterprise Architecture
Build instant On-The-Fly IT architecture topology based on correlation of IT elements between different IT layers
Manage Budgets and Costs
Identify Orphan and leftovers components from interconnected and configured IT Silo resources.
Manage Service Availability and Data Protection Risks by proactively identify Single-Point-of-Failures and Data Coverage by Data Protection Systems
Match relationships between Applications and underlined Multi layered IT infrastructure resources
Build, Acquire and Implement (BAI):
Manage a rich and large data inventory of IT resources and their relationships
Manage Availability and Capacity
Identify Availability gaps in All IT layers and provide insights on resource allocation and usage, measuring capacity and planning
Record configuration settings in a daily basis and helps to pinpoint problems based on configuration changes
Deliver, Service and Support (DSS):
Build deep and wide daily sets of inventory from IT infrastructure objects, identify correlative handshake, building topologies based on connectivity and supported configuration, helping to identify proper delivery and providing root cause analysis for support purposes.
Identify Risks of Business continuity by providing a proactive mechanism to constantly search of potential lack or miss-configuration of Redundancy & resiliency implementations and Single-Point-of-Failure scenarios.
Monitor, Evaluate and Assess (MEA):
Evaluate and Asses the System of Internal Control
Analyze IT metrics and feed internal control systems with IT subset information for global and consolidated (e.g. contractual, financial….) internal control
Evaluate and Assess Compliance with External Requirements
Identify related metrics of External Regulations and requirements as PCI, GLBA, HIPAA, COBIT, BASEL…and matching them against IT metrics such as feasibility to recover 7 years old data from financial systems or ensure availability to access patient medical records with no downtime.
Automatic control that can give a view of the backup accuracy and wholeness policy.
Customize reporting to different stakeholder needs.
Accumulate incidents, analyze and manage business continuity and provide insight via reports and dashboard.
Backup Policy area
Servers coverage gap Vs. the company policy.
Servers FS’s coverage gap Vs. the company policy.
RPO: Recovery Point Objective Gap analysis Vs. the company policy.
True Cost per Application on backup resources.
Gap between the backup policy and the actual status.
The true recovery ability compares with defining RPO.
Potential SPOF failure regarding infrastructure planning that can affect the availability of applications.
The ability to find unknown assets by the reflection of E2E IT infrastructure assets.