Drata launched Risk Management, enabling customers to manage end-to-end risk programs by continuously monitoring, identifying, assessing, and treating risks.
On the heels of Drata’s recent launch of Trust Center, Risk Management is integrated into the company’s current platform to further provide a holistic view of building and maintaining a healthy security posture.
Companies of all sizes and industries face a myriad of risks that can permanently affect the security, reputation, and financial wellbeing of the business, but monitoring risks often results in managing cumbersome data sheets or siloed tools. With the majority of business executives uncertain how or when their organization will be affected by a cybersecurity incident, Drata’s Risk Management solution provides customers already running a mature risk and compliance program one central view of all potential risks so they can make strategic decisions across the entire organization and resolve issues quickly.
Features of the comprehensive Risk Management solution include:
- Risk register: Create and maintain a risk register to identify and analyze risks, proactively monitor and manage risks, recognize evolving patterns, and more, with a library of more than 150 pre-mapped threat-based risks based on established sources, such as NIST SP 800-30, ISO 27005, and HIPAA guidelines.
- Continuous automated monitoring: Drata extends its continuous monitoring capabilities to evaluate and proactively notify customers regarding the effectiveness of their controls to mitigate new or evolving risks.
- Integrated risk and compliance: The Drata Control Framework (DCF) comes pre-mapped to Drata’s threat-based risk library and to the requirements of multiple security and privacy standards and regulations.
“Drata’s Risk Management module adds enormous value to our risk management program,” said Tonya Thepthongsay, Director of Risk and Compliance at Rialtic. “Automating the relationship of risks to controls and tests in Drata gives us near real-time visibility to changes in our risk environment. The ability to assign risk owners and automate the follow up process elevates risk visibility and accountability throughout the business.”
“Drata aims to be the trust layer between our customers and those they do business with, and we know compliance automation is just one critical piece of that equation,” said Adam Markowitz, Drata Co-Founder and CEO. “Launching Risk Management and integrating it into our platform is one of the many steps we’re taking to address the maturing needs of customers advancing in their compliance journey.”