June 01, 2009 | Palo Alto, California: MetricStream Inc., the market leader in Global Governance, Risk, Compliance (GRC) and Quality solutions, today announced that an energy distribution company from a Midwestern US state is deploying the MetricStream GRC Platform for compliance with North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Cyber Security Standards designed to mitigate cyber security risks.
MetricStream’s Document Management solution will be deployed as a central system of record for NERC reliability compliance for all serviced regions. From a compliance stand-point, the first thing regulators and auditors want to see is how an organization defines its adherence to requirements based on how policies and procedures are managed. MetricStream provides a flexible framework to streamline creation and management of corporate policies to facilitate accountability and foster communication. The solution enables companies to adopt an electronic and automated approach to the development, maintenance and communication of various documents, guidelines, policies and procedures across the enterprise. Furthermore, MetricStream’s Compliance Management solution will allow the public service company to tackle compliance challenges in a sustainable, repeatable manner through risk and control assessments. In its entirety, the solution will deliver rules-based workflows and robust management and reporting tools that provide enterprise-wide visibility into compliance and enable superior decision making.
NERC is responsible for developing and enforcing reliability standards, monitoring the bulk power system, assessing future adequacy, and auditing owners, operators, and users of the bulk power system. These standards are designed to ensure dependability in North America’s power grid and violations can result in fines of up to $1 million per violation per day. As a result, they are forcing electric energy providers to strengthen their compliance programs. Paper-based processes, point solutions or legacy application cannot scale to meet complex compliance requirements, which span thousands of standards. MetricStream offers a flexible, cost-effective approach to streamlining all risk and compliance processes in an organization based on an integrated GRC platform. The platform’s integrated and workflow driven approach delivers an automated solution to optimize critical processes while creating transparency, auditability, and accountability.
"Customers are looking for ways to create a consistent, dependable approach for managing compliance and identifying, quantifying, managing and reporting enterprise risks and controls,“ said Carl McCauley, Vice President of Sales at MetricStream. “This implementation shows how MetricStream is leading the market by facilitating structured risk and compliance management programs driven by its platform-based technology and solution offerings.”
MetricStream is a market leader in enterprise-wide Governance, Risk, Compliance (GRC) and Quality Management Solutions. MetricStream solutions are used by leading global corporations in diverse industries such as Financial Services, Healthcare, Life Sciences, Energy and Utilities, Food, Retail, CPG, Government, Hi-tech and Manufacturing to manage their risk management programs, quality management processes, regulatory and industry-mandated compliance and other corporate governance initiatives. MetricStream’s customers include Procter & Gamble, UBS, Societe Generale, Pfizer, Philips, Cummins, Kellogg’s, Mondelez International, SanDisk, and NetApp. MetricStream also owns and operates the www.ComplianceOnline.com portal - the largest GRC advisory network and one of the largest GRC communities. MetricStream is headquartered in Palo Alto, California, USA (www.metricstream.com).