Content authoring, awareness, distribution and attestation
Polaris Pathfinder is an enterprise web-based solution that supports a closed-loop policy life cycle management process that allows multiple virtual players to collaborate in the design, edit, review and publishing functions of policies as well as the ability to add custom control objectives, policies, standards and controls. The result is a baseline of auditable, relevant controls and accompanying procedures from authoritative resources (PwC, ITGI, ITIL, NIST and ISO). Both technical and process controls are documented in rich detail including both implementation and compliance procedures. Additionally, Polaris Pathfinder includes a full workflow lifecycle for standards and control management. Integration to MS-Word is used for tracking changes and making comments to content within the workflow. Content is automatically version controlled and old versions are archived during the publication phase.
Polaris Pathfinder is designed for not only content authoring and management but also for policy awareness, distribution and attestation. It includes a user-friendly portal that our customers use as the policy communication and distribution mechanism for the enterprise. Policies are not only presented in a standard outline format but filterable views are available based upon regulatory mappings, user-defined roles and user-defined information/risk classes.
Additionally, Polaris Pathfinder supports automatic notification to employees of new policies they must be aware of or attest to, a glossary tied to text in policy, and a policy acceptance function to track and report on user acknowledgement of policy. The product also includes several other user education and awareness features such as a Bulletin Board to post notifications to users and an automated "What's New" list to highlight changes to policy content.
Brabeion's Polaris Pathfinder provides:
- Policies and procedures based on 600+ standards, 30 regulations, 5+ frameworks, 6000+ controls, to align business intent with operational reality
- Centralized and integrated Policy, Procedure and Control Lifecycle Management to reduce cycle time, increase quality and commitment
- Automated creation, distribution and acceptance process to drive communication, consensus and enforcement
Brabeion and PricewaterhouseCoopers:
Overcoming PCI Challenges
Is your organization struggling to meet PCI requirements and deadlines? Is the fear of potential fines making it difficult to run and maintain a successful program?
View Recorded Webcast »
Brabeion and Forrester Research:
Critical Steps to Automating your IT GRC Programs
The crucial need to effectively manage and mitigate increasing IT risks - coupled with the rise in government-mandated and industry-specific regulations, demand that organizations unify their governance, security, risk and compliance silos to provide a holistic view of the IT environment.
View Recorded Webcast »
OCEG and Brabeion Webinar:
Controls Based Risk Management:
From Auditable Policy to Understanding Risk
A unique approach for risk calculation utilizing a "component-based" method leveraging three pieces of information - Requirement, Standard and Control. Get a new understanding of risks from a compliance and controls perspective, enabling fuller visibility into business impacts and decision making.
View Recorded Webcast »
Rolling with the Changes:
Managing Compliance in a Continuously Evolving Industry
Financial Services companies face many obstacles due to the regulations and requirements they have to face. Learn how leading commercial and consumer finance company, CIT, has evolved their compliance programs.
View Recorded Webcast »
Brabeion in Enterprise:
Featuring: Chevron-Texaco, Brabeion, and Forrester Research analyst Michael Rasmussen. Learn how to efficiently and effectively identify controls to achieve compliance with GLBA, PCI, FFIEC, SOX and HIPAA.
View Recorded Webcast »