GRC ENGINEERING AND APPSTORE

Turnkey solution packages that accelerate implementation of GRC platforms

WHAT WE DO

Our Apps are available as turnkey ‘solution packages’ these packages require minimal customizations and some effort to ensure the ‘package’ is fully integrated and optimized for your environment.  The packages allow for rapid proof of concepts and implementations rather than spending time and effort on designing and developing it.

OUR CAPABILITIES

Our Risk Management advanced automation solution helps organizations rapidly and comprehensively cover all the information assets for conducting risk assessments rather than conducting sample-based risk assessments. The solution includes data integration capabilities with a wide range of scanning and inventory systems along with workarounds and override where data sources may not be ready with clean and accurate data.

The solution also allows for over-rides and role-based delegations to address situations where stakeholders may not be clearly identified.  Risk methodology is optimisations including the use of control rationalization buckets, pre-defined (but editable) threat and vulnerability applicability matrix, risk buckets (for syndication) for a large-scale factory type automation of a risk management framework.

Our Third-Party Risk Management automation solution helps organizations efficiently and effectively manage third-party programs including vendor categorization, risk level calculators, pre-assessment business scoping assessment and vendor assessment itself.

The solution includes data integration capabilities with supplier management systems along with workarounds and override where data sources may not be ready with clean and accurate data.  The solution provides end-to-end workflows starting from vendor intake to assessment and remediation, the solution includes: stakeholder focused reports and dashboards and is also capable of tracking SLA for the assessment activities.

Our Centralized Issue Management solution helps our customers manage the entire range of information security issues identified through a multitude of sources, including Risk Assessments, Audits, Automated Vulnerability and Configuration Scans, Security incidents among others.  Our solution prevents duplicates and supports a workflow that includes individual and group-based exceptions, remediation and false positive recording.

The solution involves integration with multiple sources for assets and organization structure and builds a relationship with Archer to obtain the system criticality and inherent risk. Similarly, for issue identification, various sources are integrated, and a centralized issue repository is built. The system automatically removes the duplicate issues identified by these sources and groups them based on controls, owner/stakeholder, department/function, Asset etc., allowing organizations to remediate the issues as per their preference.


OUR SOLUTIONS

Aujas helps organizations manage information security risks by protecting data, software, people and identities in alignment with best practices and compliance requirements.