Drata, security and continuous compliance automation platform, announced the launch of Risk Management, enabling customers to manage end-to-end risk programs by continuously monitoring, identifying, assessing, and treating risks.
On the heels of Drata’s recent launch of Trust Center, Risk Management is integrated into the company’s current platform to provide a holistic view of building and maintaining a healthy security posture.
Companies of all sizes and industries face many risks that can permanently affect the business’s security, reputation, and financial wellbeing, but monitoring risks often result in managing cumbersome data sheets or siloed tools. With the majority of business executives uncertain about how or when their organisation will be affected by a cybersecurity incident, Drata’s Risk Management solution provides customers already running a mature risk and compliance program with one central view of all potential risks so they can make strategic decisions across the entire organisation and resolve issues quickly.
Features of the comprehensive Risk Management solution include:
- Risk register: Create and maintain a risk register to identify and analyse risks, proactively monitor and manage risks, recognise evolving patterns, and more, with a library of more than 150 pre-mapped threat-based risks based on established sources, such as NIST SP 800-30, ISO 27005, and HIPAA guidelines.
- Continuous automated monitoring: Drata extends its continuous monitoring capabilities to evaluate and proactively notify customers regarding the effectiveness of their controls to mitigate new or evolving risks.
- Integrated risk and compliance: The Drata Control Framework (DCF) comes pre-mapped to Drata’s threat-based risk library and the requirements of multiple security and privacy standards and regulations.
“Drata’s Risk Management module adds enormous value to our risk management program,” said Tonya Thepthongsay, Director of Risk and Compliance at Rialtic. “Automating the relationship of risks to controls and tests in Drata gives us near real-time visibility to changes in our risk environment. The ability to assign risk owners and automate the follow-up process elevates risk visibility and accountability throughout the business.”
“Drata aims to be the trust layer between our customers and those they do business with, and we know compliance automation is just one critical piece of that equation,” said Adam Markowitz, Drata Co-Founder and CEO. “Launching Risk Management and integrating it into our platform is one of the many steps we’re taking to address the maturing needs of customers advancing in their compliance journey.”