Modulo Risk Manager is a software used to automate GRC processes, integrate different areas and activities and allows for centralized reporting of these normally segregated processes. The platform offers a framework for managing the many areas and activities involved in a business, such as risk management, compliance with laws and standards, among others.
The "GRC" term reflects a new guideline for integrating these components, which normally use the same information but have different purposes, such as audits, legal activities, internal controls, employee health, environmental preservation, risk management, and compliance. The adoption of this integrated vision of GRC involves the development and maintenance of a framework that requires efficient processes, informed and committed people, as well as technology and systems that facilitate integration, transparency, and consistency for these processes and areas. The implementation of this structure is a global trend in organizations and allows for combined efforts to strengthen governance based on objectives and indicators that use precise and uniform risk estimates, as well as the measures necessary for achieving compliance with the mandatory (legal or regulatory) and voluntary limits at all levels of the organization.
The product includes an extensive knowledge database to support GRC projects, containing countless good security practices for assessing information security risks (CIS TOP-20, SANS, DISA, etc.), catalogues of threats and vulnerabilities identified by scanners, in addition to other specialized methodological content for automating the process of compliance with standards, norms and regulations relevant to the organization (PCI, ISO/IEC 27001, ISO/IEC 27002, ISO 31000, ISO 22301, ISO 27005, ISSO 27032, ISO/IEC 20000-1, ISO/IEC 20000-2, COBIT, etc.). In addition to content provided by Modulo, editors are available for creating, editing, and publishing custom content, ensuring the flexibility necessary to adjust the system to a wide range of GRC projects.
Actions that need to be monitored, such as tasks, processes, requests and issues from many modules, can be managed as events in a single module to reduce the response time, centralize information, and generate event-related metrics. In addition, queries allow results and metrics generated through risk and compliance evaluations to be consolidated for different objects in the organization, thereby centralizing the essential information for managing the processes that it supports.
Built from 30 years of experience in software projects and consulting, Modulo Risk Manager is a globally recognized platform with a structured methodology and supported by international norms and standards, providing a simple and effective structure for integrating GRC management processes.