CA Clarity™ Risk and Controls Management

Manage risk by getting a unified view of your enterprise-wide compliance initiatives.

With regulatory responsibility falling on executives throughout the value chain, and with the increase of stringent overlapping regulations (PCI, SOX, HIPAA, Basel II, State Identity Theft, GLBA, etc.), enterprise risk management needs more of your attention than ever. Your organization is faced with multiple regulations to worry about and not enough accurate information to prepare yourself for future challenges.

CA Clarity's Risk and Controls Manager (RCM) provides you with a global repository that easily maps both internal policies, procedures and SLAs as well as external regulatory requirements to existing or new risks and controls. This gives you the power to improve the quality of your controls and to continuously monitor, manage and report new risks.

Our solution streamlines your current compliance process, which may include an unsustainable mix of multiple systems and ad-hoc spreadsheets, charts and documents. Now you have it all at your fingertips, in one dashboard view that allows you to continuously monitor, manage and report on all risks and controls across your enterprise.

Move toward total Enterprise Risk Management

Due to Sarbanes-Oxley, chances are your organization has already documented your business and IT processes and controls as part of your current compliance program. CA Clarity RCM leverages that existing program to move you forward toward complete Enterprise Risk Management, with a global repository that allows you to continuously optimize your processes for identifying risks and controls. The result: your compliance program can evolve to a greater level of maturity.


Control Optimization

Our Risk and Controls Manager leverages the control and regulatory mappings of the IT Compliance Institute's Unified Compliance Project, along with industry standard frameworks such as COBIT, COSO, NIST, and ISO17799:2005, which allows your organization to report on risk and controls from different perspectives. You can easily identify efforts that support compliance-related activities and rapidly integrate future business and regulatory requirements into an enterprise-wide view of controls. When the next regulation comes along, you won't need another “point solution”.

Continuous Monitoring and Reporting

The Risk and Controls Manager gives you the tools you need to report compliance and monitor for policy violations across your enterprise. You can report on testing results, remediation plans, risks associated with controls, controls associated with specific regulations and many other aspects of governance, risk and compliance.

Manage Control Costs Across Your Organization

With an aggregated, summarized view of the human and financial resources you have assigned to controls implementation, testing, remediation and risk assessment, you can better manage the costs of handling risks, controls and compliance initiatives.

Available as a CA Clarity Solution Pack

CA Clarity RCM is delivered as a solution pack, combining the CA Clarity system; CA Technology Services; internal best practices dashboards, templates and workflows; the IT Governance Institute's COBIT; and the IT Compliance Institute's Unified Compliance Project (UCP).

 

| Features | Benefits |
| --- | --- |
| Import Existing Controls | Provides an easy migration from your existing internal risk and control tools. |
| Create role-based views | Allows users to lock down access to control information. |
| Auditing and flexible and configurable workflow capabilities | Facilitates the tracking and alerting of changes that are made to controls. |
| Capture, score, and prioritize risk based on specific risk management methodologies | Offers a highly configurable environment that can be tailored to almost any risk methodology. A powerful workflow engine automates Risk Management Assessments across the organization. |
| Map risks to existing organizational controls | Builds risk associations that provide context as to why these controls need to be managed within the organization. |
| Map risks and controls to regulations | Using pre-defined mappings of controls to associated external regulations and standard industry frameworks, your organization can associate your own controls to these standards. |
| Define, measure and report against Corporate Policies, Procedures, Standards, and Guidelines, as well as business requirements such as Service Level Agreements. | Translates policy requirements into control activities and monitors for policy violations across the enterprise. Also lets you manage strategic business relationships through the creation and monitoring of Service Level Agreements or other contractual arrangements. |
| Create a Best Practice Repository and map these practices to existing controls | Tracks and measures your performance against these best practices to support continuous improvement efforts within your organization. |
| Document control testing | Uses access control and document management features to ensure the integrity of testing work papers. The check-in/check-out system built into the platform can provide useful information to track who has been accessing what and when. |
| Manage all aspects of internal and external audits to the resource and document level | Fully automates many aspects of a corporate audit function. |
| Utilize industry-standard control frameworks | Supports COSO, CobiT and NIST standards. |
| Powerful reporting capabilities | Provides the “spreadsheet view”, as well as a variety of advanced reporting capabilities. Graphs and views are interactive and support drilling down to the information that is relevant to any specific role within the organization. |