• Corporate Risk Management & Governance
• Information Security
• Business Continuity Management
• Operational Risk Management
• Health and Safety
• Environmental
• IT Governance and Assurance
• Programme and Project Risk Management
• Quality Management
• Corporate Social Responsibility

Products

Learn more about STREAM - the comprehensive risk and
compliance management solution

Industries

Find out which industries benefit from using STREAM

Resources

Want to download a datasheet? Go to our resources page

Contact Us

Use our enquiry form to contact us

STREAM Solutions: Information Security

Acuity provides an integrated portfolio of solutions for information security management. 

With STREAM you can reduce your security compliance and risk management costs, reduce incidents and optimise your security investments.

Compliance Management

Monitor and report on compliance with information security standards.  STREAM can be quickly and easily configured with any information security control standard* or multiple sets of standards. e.g.

• ISO 27001

• UK Government Information Assurance Maturity Model (IAMM)

• The ISF's Standard of Good Practice (SoGP)

• Payment Card Industry Data Security Standard

• COBIT

• CIS Security Configuration Benchmarks

• UK Government Security Policy Framework

• UK Government Data Handling Requirements (Hannigan)

• UK Government Baseline Security Standards

• NIST Computer Security Standards

• ISO 27799 (Health Information)

• HIPAA

• Your own proprietary security standards.

Metrics Management

Define, record and monitor key metrics for quantifiable data on security performance, such as:

• % components compliant with baseline security standards

• % critical security vulnerabilities remediated within X hours

• % staff with up-to-date security awareness

Metrics data can be entered manually or via automated updates from feeder applications, such as business systems and security monitoring solutions.

Risk Management

Log and assess security risks onto risk registers.  Specify mitigating actions and review residual risk status against risk appetite on management dashboards.  Drill-down to investigate risks in more detail and report on risk across each part of the business model.

Track risk status in relation to security performance metrics and compliance with key controls.  See ‘at a glance’ whether risks to business processes, systems, applications and projects are above or below risk appetite.  Aggregate up to group, regional or Enterprise views.

Incident Management

Record and track the status of security incidents and near misses.  Report on the severity and frequency of incidents by category and historical trends.   Link incidents to assets, risks and control non-compliances.

*  Subject, where required, to licensing agreements with intellectual property owners.

Register for email news

Latest

• Information Security Europe 2010

  Significant interest was expressed in the STREAM suite of products at Information Security 2010. It is clear that comprehensive risk and compliance management is becoming a key requirement for public and private organisations.

• STREAM Seminar - Ljubljana May 2010

  Richard Mayall presented a workshop in Ljubljana, Slovenia on 20 May 2010 on 'A better way to manage all your risks'. The workshop considered how STREAM can automate assurance management systems and support standards compliance.

• Risk appetite for information security

  Risk management best practice says that we need to manage risk in relation to risk appetite. But how do we do this for information security?

What are you looking for?