The Silicon Review
The COVID-19 pandemic was a grave reminder to organizations that we do not know in advance when and where unexpected risks will come from and precisely how they will propagate through our systems. Since March 2020, companies unexpectedly had to transition their entire workforces to work remotely, testing their cybersecurity, and risk and compliance practices. Compounding the negative impact was that traditional ad-hoc tools and methods to manage risk management approaches created more challenges than solutions. Now, Risk likelihood and impact get more interest from business leaders, who now recognize preparedness for a major event like COVID-19 requires an integrated view of risk, from strategic to operational to even technological. Products like Allgress IRMS proactively prepare organizations for potential risks by automating organizational and partner risk assessment and management.
Created by Allgress, IRMS is an award-winning purpose-built integrated risk and compliance no-code management platform. The IRMS provides a common infrastructure that streamlines the entire risk lifecycle, compliance, IT security, and third-party vendor management through a single platform. The IRMS can correlate multiple data sources with flexible workflow so an organization can leverage technical, procedural, and operational control information from automated assessments and multiple third-party integrations to guide their risk management.
In an interesting interview with us, Allgress CMO Jeff Kushner talked about the importance of IRMS and how it can be helpful for CISOs everywhere. Read on for the excerpts from the interview.
Q. What problems does Allgress address? What does it do better than others?
Customers were struggling with multiple homegrown tools and spreadsheets that led to inconsistencies and confusion, which ultimately led to failing audits and not knowing what their risk posture was on a continuous basis. They needed an integrated Governance, Risk and Compliance (GRC) solution that streamlined and automated the entire or particular disciplines of the GRC lifecycle depending on our organization’s maturity in risk management. Another reason the independent tools and methods were not as effective as the companies required were that they were not aligned with business objectives. When implemented as part of a process, Allgress helps Chief Information Security Officers, IT Security and compliance teams move past non-integrated methods of GRC to more mature risk management and compliance programs.
Q. How do you solve the GRC problems of your clients?
As a regulation agnostic solution, Allgress employs an easy-to-navigate interface supported by our comprehensive and mature platform-based ongoing customer input. The platform includes an extensive library of numerous standards and frameworks as the foundation for automated continuous monitoring of vulnerabilities, risk, compliance, accreditation and vendor management through workflow, policies, evidence collection, exception management, incident response, and flexible reporting.
Tell us about Allgress IRMS.
The Allgress Insight Risk Management Suite (IRMS) is our award-winning, integrated risk and compliance no-code management platform with a single system of record. Allgress makes it possible for organizations and their business partners to automate and reduce their business risk with less complexity and cost.
The available GRC-centric modules of IRMS provide organizations of all sizes the capability to maintain a single robust system to create a holistic view into their GRC program. The modules can be acquired individually or as a suite to provide the versatility to meet any GRC program and organizational maturity level.
Q. What makes Allgress solutions unique?
IRMS is an enterprise-class integrated risk management next-generation GRC automation solution, enabling organizations of all sizes to achieve robust organizational and partner risk and regulatory compliance management programs with less complexity and cost. As a “no-code” platform, Allgress enables users to easily create or emulate existing processes with simple configuration features and provide comprehensive integration with existing products.
IRMS employs an easy-to-navigate interface supported by our comprehensive, mature platform built from the ground up and continuously improved as a regulation agnostic solution. The platform includes a library of numerous standards, cross-mapped standards and frameworks available for customers to use as-is or customize to meet each organization’s requirements.
The solution is easy to acquire by licensing by the module of functionality and not users. We pursue to keep our solution easy-to-use by making all functionality across the platform and modules have the same look and feel, contributing to quick-time-to-value.
The ability to leverage existing investments has also always been important so customers can enhance their solutions and re-use existing processes already in place, such as ticketing and other technology investments. We evolve our GRC solution by listening to customers by soliciting their feedback through our customer portal, support interactions and user forums leading to continuous product improvements.
Q. The speed of deployment is a concern when it comes to GRC solutions. How fast can Allgress solutions be deployed? What contributes to this speed?
The Allgress solution is deployed as a SaaS solution which makes its implementation quicker with less complexity. The availability of hundreds of regulations, standard-to-standard mapping and best practices, frameworks gives customers a kick start to comply with regulations, accreditation with likes of FedRAMP and reduce business risk. The easy-to-use streamlined user interface is consistent throughout all the modules contributing to identifying business risks before they cause impact.
Q. How important are partnerships to your company?
Partnerships are significant to our business model. Our encompassing partner network of over 40 partners provides Allgress customers access to a wider range of complementary functionality, knowledge, experience and implementation services. It also enables the availability of our products in other countries, functionality as part of managed services and leveraging existing investments via support for more than 50+ technology integrations with various vulnerability scanners, ticketing systems, and cloud-based solutions.
Q. What does the future hold for your company?
The Allgress platform was built and continues to be enhanced to meet the challenges of simplifying GRC with less complexity, cost and time-to-value. Everything we do focuses on building on those guiding principles. Our customers and industry involvement are the driving force behind everything Allgress delivers to our customers, partners and service providers.
As cloud technology evolves, we will continue to enhance functionality via open APIs to support the automation of bi-directionally providing integrations with other technologies to enhance customer value.
The Leader Upfront
Jeff Kushner, CMO: Jeff leads marketing at Allgress as the Chief Marketing Officer (CMO) and has been with the company since July 2012. As CMO, he is responsible for global marketing, branding, positioning, and corporate communications. Jeff brings years of experience in a variety of leadership roles in technology marketing and business development.
Before Allgress, Jeff has held positions that increased revenue and market penetration with market leaders, including BindView (now Symantec), BMC Software, Sun Microsystems (now Oracle) and consulting to many organizations. His efforts have been instrumental in advancing the development and adoption of technology, applications, compliance, and risk management.