Compliance management steps up
- By Brad Grimes
- Jan 05, 2006
Agencies in need of technology that can help formulate security policy and check systems for compliance with FISMA might want to look at the new Command Center management solution from Scalable Software Inc. of Houston. The Securities and Exchange Commission recently adopted Command Center to manage the security compliance of its 20-plus major IT systems, said Chrisan Herrod, SEC's chief information security officer. 'Most of the systems that the SEC runs are homegrown,' she said, making compliance, as well as certification and accreditation, especially challenging. 'The tool is user friendly. ... Now all our C&A data is in the Command Center console.'
While previous versions of Command Center were useful for creating policies and documenting compliance, the upgrade introduced last month includes automatic compliance checking (initially for Windows systems) and traceability matrices designed to map complex relationships between policies and assets. The new version will also include technical benchmarks from the Center for Internet Security. But most importantly, it will now come in an enterprise version so agencies can load it in-house. Previously, Command Center was a hosted application.