try preemptive solutions now! bry preemptive solutions now!

Home arrow Responsibilities arrow Audit & Risk Management
 

Audit & Risk Management

Over the years, our thousands of clients have helped us immensely to understand their responsibilities and objectives concering audit and risk management.  Organizations need compliance with industry and government regulations and standards if they are to be successful and survive. Reducing risks and identifying weaknesses  in application infrastructure are vital to an organization's survival. While we can't help organizations achieve all of their goals, following are those areas where PreEmptive can make a substantial impact:

1) Identify Risks

While application configuration risks have been the focus of many audit professionals due to Sarbanes-Oxley and other regulations, application vulnerability remains a gaping hole relative to risk.  PreEmptive's AtRisk code crawler tool is key to identifying at-risk applications.

2) Map Current Controls

Using AtRisk's output, audit and risk professionals can place these risks into their overall risk/control framework as well as trigger immediate remediations.  Depending upon control maturity relative to some of the processes, this will then include linking already documented controls to the risks or collecting new controls from process participants/owners.

3) Design & Implement Appropriate Controls

Once the current control environment is mapped, changes or additions can be made.  Many key controls are available through PreEmptive's various solutions.  Our professional services team and business partners have the PreEmptive-based library of potential controls that help organizations effectively control application vulnerability risk when used in conjunction with other controls.

4) Audit & Monitor Performance of Controls

In addition to the preventative controls made possible through PreEmptive solutions, detective controls are also possible.  Of particular interest to many of PreEmptive's clients are those that automatically trigger remediation.  Through our Tamper Notification & Response capabilities, tampered applications can automatically shut down or be handicapped in a variety of ways. Assuming certain communication capabilities exist, notifications are concurrently sent to trigger work flows associated with professional remediation solutions.
 
[ Back ]