Guaranteeing User Awareness and AccountabilityMetaCompliance® Advantage is an IT Governance, Risk and Compliance (IT GRC) product that enables organisations to automate and manage the key tasks associated with user awareness and engagement for information assurance, including risk assessment, the measurement of organisation wide IT security posture and policy management.
88% of all data breaches can be traced back to user negligence, clear proof that the user presents the most significant threat to the security of data. Employee awareness is the single biggest differentiator between nominal and best practice information governance programmes, and is an essential factor in maintaining regulatory compliance and information assurance. It must be a continual process, organisations should develop an ongoing awareness programme to keep information governance at the forefront of employee consciousness and combat the natural degradation and erosion of awareness that happens over time. This is an impossible task using existing methods of communication, such as email and corporate intranet; this can only be achieved, and sustained, with the use of a dedicated compliance automation tool that guarantees user response. MetaCompliance® delivers dedicated functionality designed to guarantee user engagement and participation.
MetaCompliance® Advantage offers key features that allow organisations to manage, enforce and sustain the entire information governance lifecycle, and develop an educated, vigilant workforce that properly uses, values and protects the data held within its perimeters. MetaCompliance® Advantage is a Commercial Off the Shelf (COTS) technology aimed at the enterprise. All the software components necessary to deliver your IT Assurance awareness project are contained within MetaCompliance® Advantage.
Employee Risk Management for Information AssuranceAvailability of information is a central tenet of information assurance; however making data available to employees is one of the biggest risks that modern day organisations must manage. MetaCompliance® unique self certification technology guarantees 100% user participation in information governance initiatives, which is necessary for regulatory compliance and information assurance. The user is engaged in such a way that they must attest to their agreement, awareness and understanding of the processes that govern data handling and information governance. Optional enforcement and validation features allow organisations to further reinforce and compound awareness, delivering a workforce that is fully aware of and accountable for their responsibilities in the ever changing information governance landscape. As management of enterprises attempt to demonstrate “duty of care” across multiple legal and regulatory environments, MetaCompliance® Advantage represents a single piece of automation that solves the user participation aspect in a way that is not possible by any other means.
Vendor/Partner Risk ManagementIncreasing globalisation of business and the drive for efficiencies has led to a high percentage of organisations outsourcing key business operations. Tackling information governance within your own organisation is much easier than dealing with external companies that handle your data or business processes; however, this is an essential element of information assurance. Once you open your information systems to third parties, you immediately extend your responsibility and liability for the protection of the information held by your organisation.
MetaCompliance® Advantage enables organisations to automate the inclusion of third parties in the information assurance programme, guaranteeing their awareness, accountability and compliance with corporate governance processes. Unique functionality enforces the ongoing assessment and certification of third party employees, ensuring that organisations manage the substantial risk associated with vendor/partner relationships, and secure best practice information assurance.
Governance Reporting – Proving Due Care to 3rd party auditors and regulatorsMetaCompliance® Advantage addresses the key business problems of demonstrating compliance with legislative requirements and proving due care to third party auditors and regulators. This is achieved by enabling governance stakeholders to initiate long term compliance strategies that automate those repetitive and mundane processes that are typically prone to human error. The reporting capability of the software allows problem users, departments or regions to be easily and quickly identified in the MetaCompliance® Governance dashboard. This provides transparent, real time information that can be used to streamline information governance programmes and effectively target those areas that present the highest risk to data security. Automatic policy versioning control ensures that historical data on all activities undertaken within MetaCompliance® Advantage is presented in a unified view, readily available for access and scrutiny by auditors and regulators.
Automated Survey and AssessmentAll of the principle based regulatory programs and the key IT Governance frameworks require the organisation to be able to measure and gauge improvement over time. The key to maintaining best practice information assurance is the ability to continuously test and assess user knowledge and awareness of the main risks to corporate information security. This is a costly and labour intensive task without the help of automation, and subsequently most organisations do not have the resources to commit to this essential step in the information governance process.
MetaCompliance® Advantage allows organisations to regularly test and risk assess users on their knowledge of corporate information security practices, with minimal time and effort. MetaCompliance® self certification ensures 100% response to surveys and risk assessments; real time reporting provides detailed information that allows organisations to streamline information governance activities to address those areas that present the most immediate risk. By ensuring participation in risk assessments, organisations can measure the effectiveness and value for money of their IT Assurance programmes. The software will highlight areas where spending is delivering results and those areas where investment is being wasted.
MetaCompliance® IT Governance Maturity LifecycleEffective IT Governance is a key strategic enabler for the growth and prosperity of any organisation. The IT Governance Maturity Model provides an excellent mechanism for organisations to chart the evolution from living in hope in relation to IT Assurance, to an optimised position, where they have implemented the key attributes of a proactive and mature IT Governance environment.
MetaCompliance® Advantage is an important piece of automation that allows companies to arrive at the most optimum IT Governance position; the functionality of the software matches the key constituents of the model, namely automation, risk assessment and management, internal control, value delivery and alignment with corporate strategy. This allows MetaCompliance® organisations to quickly achieve and maintain optimised IT Governance, regardless of the environment in which they operate.
Situational Awareness with Dynamic Intercept™Advancements in technology mean that certain events present a heightened and constant threat to the security of data held within an organisation. Vast amounts of information can be easily transported on a USB, for instance, and misplaced or discarded by an employee who is uninformed and unaware of the risk that this behaviour presents.
Dynamic InterceptTM is a unique feature of MetaCompliance® designed to heighten employee awareness of the most risky information governance practices at the time when it is most optimal, when the event takes place. This allows organisations to reinforce the most important information handling messages, and directly impact and manage employee behaviour with regards to specific information governance threats.
Diverse User EngagementMetaCompliance® Advantage is the only solution that allows you to target and engage all users in your information governance programme. Mobile and remote workers, third party and non electronic users are all catered for within MetaCompliance®, allowing organisations to verifiably communicate information governance policies, risk assessments and awareness messages to everyone who will access information on their systems.
Completing the Governance lifecycle with Joiners and LeaversEnsuring that new employees sign up to current organisational policies is a headache for all organisations, and a common problem area at audit. It is imperative that new employees are made aware of their responsibilities with regards to information governance, in order for an organisation to maintain compliance and best practice information assurance. The MetaCompliance® Advantage unique targeting ability allows organisations to automate the management of information governance awareness on employee commencement, thus ensuring the continuation of the information governance awareness lifecycle and best practice information assurance.
Multi-level Targeting ControlThe ability to target users at multiple levels is an essential requirement for enterprises operating over multiple sites, regions or countries. Organisations must ensure that the right users are receiving, and responding to, the right communications in order to prove due care.
MetaCompliance® Advantage powerful targeting functionality has the ability to target users from a granular, individual level right through to organisation wide, including all of the company specific groups in between. An additional feature allows permissions to be assigned to ensure further targeting control.
Optimised Information Governance WorkflowInformation assurance is no longer viewed as an IT problem; therefore the information governance committee in any organisation is a representation of multiple departments and levels within the business. Typically the approvals process required for governance communications is an arduous one, and is a bottleneck for most organisations. Managing this process with MetaCompliance® Advantage allows organisations to automate, track, expedite and enforce the review and approval of important information governance communications, thus ensuring the continuation of those processes that are required to achieve and maintain information assurance.
- User Awareness
- Multi Level Targeting
- Diverse user facilitation
- Governance Reporting and Auditing
- Vendor management
- Dynamic Intercept
- Intelligent Desktop Control