2. OVERVIEW
• NetIQ is an enterprise software company that provides products for identity and
access management, security and data center management
• Atlas Systems worked with NetIQ to develop an off-the-shelf dashboard
application for risk and security compliance
• The clients for this application include Fortune 500 companies across numerous
industries as well as the United States government
3. CHALLENGES
• The solution was required to align security metrics gathered from users’
IT systems to demonstrate compliance with IT related policies and
regulations
• Those metrics had to be displayed in a powerful yet easy to understand,
web based dashboard for compliance management
• This solution also had to analyze IT risk factors such as compliance
exceptions and vulnerabilities across the key areas of the user’s business.
4. SOLUTION
• Atlas architects and engineers designed, developed and continue to
provide ongoing implementation services for the NetIQ Risk and
Compliance Center as well as the complete suite of NetIQ security
products
• Atlas Systems works closely with domain experts to perform
requirements gathering for Implementation Services, execute Product
Configuration/Product Enhancements, data integration and conversion
services
5. RESULTS
• Demonstrates regulatory compliance —The solution maps technical assessment results to
specific regulations and standards to present key compliance metrics for different control
areas. From high-level compliance reports, managers can drill down to problem areas and
render management reports based on regulation or security standard (e.g., Sarbanes-Oxley,
HIPAA, FISMA, ISO 17799).
• Delivers on-going risk analysis —The solution measures IT security risk in your environment
using innovative metric models that factor in the nature of compliance exceptions and
vulnerabilities and the business value of IT assets.The ability to provide in-depth reporting,
along with executive overviews, makes it easy to spot potential problems before they impact
services or security.
• Centralizes security information for easier access and decision-making —The solution mines
security assessment results reflecting system configurations, vulnerabilities, patch levels, user
accounts and permissions, auditing and more into an enterprise dashboard.With easier access
to critical security information, managers can quickly assess security risks and regulatory
compliance in order to allocate resources effectively
• Turns complex data into actionable information —The solution presents information in easy-
to-understand charts, graphs and executive summaries via a customizable interface.Views can
be tailored to your regulatory, organizational and technical needs and drill down capabilities
make it easy to go from a high-level summary to a detailed analysis.