The Integrated Risk Management (IRM) platform offers a comprehensive suite of Risk Intelligence activities and reports, providing essential information for comprehensive compliance oversight. Key activities include:
Conducting regular scans for unpatched Common Vulnerabilities and Exposures (CVEs) to ensure timely remediation.
Identifying missing security patches in operating systems and third-party applications to maintain up-to-date protection.
Verifying that all 18 Critical Security Controls are installed and operational on each endpoint.
Scanning each user endpoint for any unprotected Personally Identifiable Information (PII) and Payment Account Numbers (PAN).
To assist IT staff with compliance oversight, the IRM platform provides email notifications for endpoint non-compliance. These notifications include detailed instructions on how to remediate the issues, ensuring that IT staff can quickly and effectively address any security or compliance gaps. The IRM platform also monitors remediation efforts for each email notification. If any non-compliance notifications remain unaddressed within a specified time period, the platform can automatically open an IT ticket to ensure prompt resolution. This feature helps maintain compliance oversight and ensures that all security and regulatory requirements are consistently met.