Real-time integration with IT operations and threat management systems can be instrumental in enabling continuous audit process for IT environment to reduce security risk and achieve compliance. MetricStream solution can integrate with IT operations, asset management and compliance auditing systems to continuously monitor incidents which can increase chances of regulatory compliance risk. The solution can relate all incidents to IT assets stored in GRC library such as servers, desktops, laptops, routers, switches, firewalls, and enterprise applications.
MetricStream solution's ETL technology can poll CMDB, IT operations Management and compliance auditing system on real-time basis and look out for incidents which are mapped with the assets in IT GRC library. The moment an incident is detected, the workflow automatically maps the incident to policies, risks and controls associated with the asset or group of assets. The solution will automatically calculate risk score associated with the incident based on built-in rules. Based on risk score, the solution can trigger issue management, risk assessment and control testing workflow.