IN THIS ISSUE
Reference Library: Risk Management Products and Services
Tools used by IT auditors for assessing IT and related risks and for contingency planning.
@RISK risk analysis and simulation add-in for Microsoft Excel recalculates spreadsheet hundreds or thousands of times, selecting random numbers from range entered, and provides possible outcomes.
8e6 Technologies provides monitoring and filtering products to provide safe Internet access and manage employees' Internet usage for inappropriate content.
AliahTHINK breaks down important decisions into a hierarchy of smaller decisions, using ratio mathematics to ensure that an analysis is mathematically valid, and including a rating sheet tool to score alternatives.
Alion Science and Technology
Alion's CounterMeasures software helps organizations identify and manage physical security, critical infrastructure, information security, and seaport security risks; calculates risk levels; and measures compliance.
APACE is the Audit Planning And Control Environment featuring and documenting: planning model, risk matrix, annual plan, timesheets, jobs, staff, recommendations, security. Free demo available.
auditMASTERPLAN is a risk assessment, planning, and work tracking system for internal auditors.
Automated Cost Estimating Integrated Tool (ACEIT)
This automated architecture and framework for cost estimating and other analysis tasks is a generic, flexible, Windows-based system for estimating virtually any task on any type program.
Boardwalktech's tabular database adds multi-user consolidation, secure access control, version control, and auditability to any collaborative spreadsheet-based process, reducing costs and compliance risk.
Business Protection Systems International (BPSI)
BPSI is a plan development tool for the creation of risk reduction and business continuity plans, which can be used on a single workstation or on a LAN or WAN.
C&A Systems Security Ltd.
C&A Systems Security is a U.K.-based company offering security and risk analysis products and services such as COBRA Risk Consultant, ISO #17799/BS #7799 Security Consultant, and cryptographic products.
CCH TeamMate audit management system enables remote usage, bundled scanning software, and report generation capabilities.
Chetan Dalal Investigation and Management Services (CDIMS)
CDIMS in Mumbai, India, provides fraud protection investigations, data collection, and evidence gathering; post investigation implementations; audits; risk evaluations; site inspections; and other services.
Cigital provides research services, research papers, software certification, and new software security products to help organizations enhance their reliability, safety, and security solutions.
Computer Sciences Corp. (CSC)
CSC provides e-business solutions for applications, business processes, credit services, customer relationship management, enterprise application integration, hosting, security, IT infrastructure, and supply chain management.
Computer Security Consultants, Inc. - RecoveryPAC
RecoveryPAC is a planning tool designed to accomplish business recovery planning objectives, develop enterprise wide plans, or plans for specific locations and facilities.
Computer Security Products Inc.
Computer Security Products Inc. provides data security and enterprise management solutions and consulting services. Products include AuditView, SecurTN encryption, Alert-Plus 2, and Tandem Security Analyzer.
Control Solutions International
Control Solutions International's services focus on process improvement reviews, technology audits, best practice surveys and reengineering facilitations, benchmarking, risk and control self-assessments, security, and vulnerability.
Countermeasures Information Security
Countermeasures InfoSec provides security consulting, vulnerability assessment, and knowledge-based software to conduct security audits on information technology systems and networks.
Computer Sciences Corp.'s Riskmaster risk management claims software works with existing networks, databases and hardware to integrate with a local area network, a wide area network, an AIX/UNIX system server, or remote intranet applications.
Decisive Tools' iDecide decision analysis tool creates influence diagrams using drag-n-drop to represent your decision or model, then runs Monte Carlo simulation to explore all possible outcomes.
Electronic Warfare Associates Inc. (EWA)
EWA provides security evaluation and testing, information protection, infrastructure protection, intelligence support, software engineering, encrypted communications, and computer emergency response teams.
Enterprise Risk Management
Enterprise Risk Management provides outsourced internal audit services, security reviews, risk management, system evaluations, application development, SAS 70 reviews, attestation, business continuity, and impact analysis services.
Envision Technology Solutions Inc.
Envision Technology Solutions develops, licenses, and services risk management information systems, such as RiskEnvision claims for auto liability, general liability, workers' compensation, and Property.
EWA-Canada offers information assurance services including access to the resources of Canada's first national incident response team. EWA-Canada is a member of EWA-Global Sentry, a global alliance of EWA companies and affiliates.
Expert Choice Inc.
Expert Choice for Windows is a multicriteria decision-support tool using Analytic Hierarchy Process (AHP) decision-making methodology.
FM Global commercial and industrial property insurance and risk management company specializes in property protection, providing engineering solutions, testing, standards, ISO 9000 registration, and more.
Foundstone a managed security services provider provides security lifecycle intelligence to prevent and resolve issues of vulnerability management and protection, security services, software, and education.
As a horizontal decision-making system equipped with interactive parallel thinking and artificial intelligence capabilities, Matrix Cognition takes a user-driven approach to problem solving across 30 domain categories.
GRafP Technologies Inc.
GrafP Technologies' S:Primer Plus for conducting surveys, audits, assessments, and risk analysis identifies threats, analyzes and manages risks, and presents results in a reliable and consistent format.
Ideation International Inc.
Ideation International Inc.'s products and services are based on the Ideation/TRIZ methodology, which incorporates a theoretical knowledge-base drawn from patent libraries and other sources of technological knowledge.
Criterium DecisionPlus supports users in analyzing complex decisions involving multiple criteria and in consistently assigning relative importance to criteria and rating alternatives against those criteria.
Internet Security Systems
ISS provides security products and services for networks, servers, applications, and desktops including security assessment, policy enforcement, and intrusion detection.
InterSect Alliance provides security integration and configuration; intrusion detection and response; security audits and system reviews; penetration testing; and security risk management.
Intrusion Inc. provides intrusion detection systems, vulnerability assessment software, and integrated security appliances to "plug and protect" assets.
IT Governance Ltd.
IT Governance Ltd. helps companies design and implement cost-effective information security management systems and publishes tools for IT governance and information security practitioners.
Protiviti KnowledgeLeader online internal audit and risk management subscription service provides tools, templates, checklists, white papers, risk models, and other materials to manage business and technology risk.
KPMG's international network of industry professionals, products, and technologies provides tailored services to address the complex business challenges faced by global clients.
Kroll provides solutions and services to safeguard physical, financial, and intellectual assets, including risk consulting investigations, forensic accounting, business valuation, and recovery services.
MB Risk Management (MBRM)
MB Risk Management (MBRM) provides add-in and toolkit risk analysis and management systems for the financial market segments.
McConnell International (MI)
MI is a global technology policy and management consulting firm that specializes in ethical work at the intersection of business, technology, and governance.
Methodware provides software and solutions for risk management, internal auditing, business improvement, IT management and control, and quality management.
MLC provides integrated programs, products, and services to support strategic, organizational risk management for risk mitigation, transfer, and reduction, while addressing operational, intellectual property, and financial risks.
Paisley’s comprehensive governance, risk, and compliance solutions include a purpose-built component for risk management that reduces loss events, streamlines business processes, and promotes proactive risk management.
DecisionTools Suite analyzes risks, runs simulations, performs sensitivity analyses, and fits data to distributions; and serves in the Mass Spectrometry software industry.
The Pentana Audit Risk module provides a structured approach to strategic audit prioritization and planning. Pentana also provides workpaper software and support.
Pleier Corp.'s ADM Plus features long-range planning, risk management, project management, visual scheduling, and tracking of recommendations and findings.
Protiviti provides independent business and technology risk consulting and internal audit services to help clients identify, measure, and manage operational and technology-related risks.
RealBiz International AB
RealBiz is a total process, consistent with COSO, which builds a common platform for risk analysis between top/operational management and internal auditors.
RI$K is the risk analysis capability provided within the ACE Automated Cost Estimator from Tecolote Research, Inc. to perform cost, schedule, and technical risk and uncertainty analysis.
Risk Advisor and Operational Risk Builder
Risk Advisor V3 software and Operational Risk Builder focus on enabling compliance with the Australian/New Zealand Risk Management Standard (AS/NZS 4360:1999).
Risk Alert: The Business Condition Analyst is a tool designed to support evaluation of the business condition of an enterprise, including the validity of the going concern assumption.
Moody's RiskCalc™ monitors changes in the credit quality of corporate obligors for public companies or generates information for monitoring the credit quality of private firms.
RiskPac and RecoveryPAC
RiskPAC, from CSCI, is a knowledge-based system that uses a questionnaire to interact with users and measure risks, then compare answers to determine the results of corrective measures or to perform "what-if" analyses.
RiskWatch provides quantitative and compliance risk analysis for physical and information security, HIPAA and ISO 17799 assessments, information systems certification and accreditation processes, audits, and more.
Safetynet provides disaster recovery for PC networks, IBM mid-range, UNIX, dealing rooms and call centres; realtime system mirroring; facilities management; systems and environmental monitoring and more.
SunGard provides integrated IT solutions for financial services and information availability services, including business continuity, business integration, e-process intelligence, e-sourcing, financial networks, global execution, and recovery.
Software and appliance solutions for individuals, enterprises, and service providers include virus protection, firewall, vulnerability management, and remote management technologies.
Trojan Securities International
Trojan Securities International provides security, protection and recovery, consultancy, risk management, technology security and testing, bodyguards, surveillance, intelligence, conflict resolution, counter terrorism, and maritime and special operations training.
TrustWave provides policy, technical, and operational security risk management solutions independently or in partnership with an organization's IT staff.
Vanguard Software Corporation
DecisionPro, from Vanguard Software, helps users make business decisions by applying management techniques, such as decision tree analysis, Monte Carlo simulation, linear programming, advanced forecasting methods, and others.
WhiteHat Security Inc.
WhiteHat Security provides Web application security software and educates the public on Web application security.
WizRule by Wizsoft is a data auditing and cleansing application that reveals all the rules in a given data and identifies suspected errors, displays contents, and reports and explains deviations.
Zeichner Risk Analytics LLC
Zeichner Risk Analytics provides risk and security governance knowledge for senior business and government professionals, including strategic and operational intelligence.
The Institute of Internal Auditors - 247 Maitland Avenue • Altamonte Springs, Florida 32701-4201 U.S.A.
+1-407-937-1100 • Fax +1-407-937-1101 • www.theiia.org
All contents of this Web site, except where expressly stated, are the copyrighted property of The Institute of Internal Auditors Inc.