SecureAware® is a patent-pending all-in-one platform for compliance, best practices and security awareness that incorporates an automated workflow engine built in accordance with ISO international standards. Supports ISO 2700x, PCI DSS 1.2, and CoBIT 4.1 frameworks out-of-the box Built on industry-standard technologies Easy to install, deploy, and support Easily supported within existing IT infrastructure

1. SecureAware®Automates IT-GRC Processes Automated Risk and Compliance Management Solution

3. Our Approach to Best Practices

4. SecureAware®

7. Require organizational alignment

8. IT Policy with business objectives

9. Workflow to the policies / procedures

10. Policies, procedures, and awareness is communicated

11. Data Security Standards

12. Privacy Rules

13. Security Awareness Training (SAT)

14. Governance and control structures

15. Risk management focus

16. Operational assurance

18. Information Technology Infrastructure Library (ITIL) Provides a common framework to formalize a service-oriented management approach within IT and improve interaction between IT and the business units Objective: Build an IT organization that is governed intelligently, meets customer and business requirements, and delivers a high level of service while minimizing risks and maximizing efficiencies and effectiveness.

19. IT Governance, Risk and Compliance IT-GRC exists to ensure consistency, efficiency and transparency in multiple governance, risk and compliance management processes throughout an organization. Collaboration is required amongststakeholders responsible for corporate governance, compliance management, risk management, IT, auditing, and other relevant business functions.

21. GAP analysis and assessment functions

22. Compliance (continuous) testing and management

23. Risk management and assessments

24. Business Continuity Planning (BCP)

25. Targeted security awareness training (SAT)

26. Dashboards and timely reporting

29. Easy to install, deploy, and support

31. SecureAware®An IT-GRC Software Solution 2010Info Security Products Guide Global Product Excellence – Policy Management Solution Global Product Excellence – Risk Management Solution http://www.infosecurityproductsguide.com/awards/2010/2010GBE-Finalists.html

32. SecureAware®An IT-GRC Software Solution 2010 Network Products Guide Product Innovation – Compliance Management Solution http://www.networkproductsguide.com/innovations/index.html

33. Risk Management Product Peer Review Product Rating For: Awareness tools and acknowledgments and testing; BCP inclusion; very nice UI. Against: Truly assessment-driven tool for measuring risk. Verdict: Great tool for developing an enterprise GRC plan and risk management solution. Source: SC Magazine, a publication of Haymaker Communications / June 10, 2010

35. Policy alignment and version control

36. Import / map existing policies

37. Create / modify new polices

38. Rapidly deploy Security Awareness Training

39. Compliance checking / gap analysis

40. Self assessments / questionnaires

41. Tasks linked to policies

42. Workflow for review & approval

43. Recurring tasks / templates

44. Documentation linked to task

45. Automated checklists / calendars

46. Business continuity plans

47. BCP structures

48. BCP templates

50. Automate risk assessments

51. Vulnerability reporting

52. Business impact assessment

54. Converge and Manage on Common Policy / Delivery Platform ISO 27000 TBD Federal Mandate Any State Privacy Law PCI Sarbanes-Oxley CoBIT 4.1 IT-GRC Solution Delivery IT Services Delivery Management

56. IT Security Strategy and Execution

57. Organizational Development

58. Experts in IT-Governance, Risk and Compliance (IT-GRC)

59. Compliance Program Development and Management

60. Security Awareness Training (SAT)

61. Penetration and Vulnerability Assessments

62. Application Security AssessmentsExclusive distribution and support for SecureAware® in North America

63. Contact Details Gary Blume Senior Vice President Lightwave Security gblume@lightwavesecurity.com T: 404.276.6192