SPISAT® (Security Profile Interrogator and Systems Audit Tool) is a combinations of applications and processes which enables the automated audit and risk management process within an organization empowerng custodians to manage their compliance requirements.
SPISAT® applications suite consists of a number of applications using the same database backend. Each solution or application can be executed in a standalone configuration, however using all the applications together facilitates an integrated workflow between risk identification, management and follow-up.
1. The Security Analyst/Auditor performs compliance review and lodge risks/audit findings in the Enterprise Risk Repository.
2. Risk Management or Subject matter specialist (or Audit Manager) review and monitor all findings lodge in the risk repository in real-time.
3. A custodian (owner of the risk) has an opportunity to comment on the risk, mitigating controls, and defines a timeline when the control will be in place.
SPISAT® consists of a number of applications working together, identifying assets, risks and the mitigating controls in place to minimise those risks. Application in the suite includes:
The development roadmap is comprehesive, including the foundations as required by formal control methodologies. The objective and deliverable is a continuous risk and compliance management process with the owners, audit, risk management, information security and other stakeholders involved using life cycle management per risk.
Built on a scalable architecture with RIM (Remote Invocation Methods) communicating via a n-tier broker minimising network impact. It is possible to communicate efficiently via a satellite communication using built-in compressed communication and still have the scalable feature-set of a stateless server.