Wir helfen Unternehmen seit 17 Jahren,
bessere Software zu finden
Compliance Manager GRC
Was ist Compliance Manager GRC?
Compliance Manager ist die erste und einzige All-in-one-Plattform zur rollenbasierten Compliance-Prozessautomatisierung für MSPs. Das Tool kombiniert eine assistentengesteuerte Workflow-Engine, eine automatisierte Ermittlung von Netzwerk- und Computerdaten, ein webbasiertes Verwaltungsportal sowie die integrierte Erstellung und Archivierung von Compliance-Dokumenten. Die Plattform umfasst HIPAA, DSGVO und Cyber Liability Insurance – weitere Standards folgen in Kürze. 30-Tage-Geld-zurück-Garantie.
Wer verwendet Compliance Manager GRC?
MSPs, interne Compliance- und Sicherheitsbeauftragte.
Du bist nicht sicher, ob Compliance Manager GRC das Richtige ist?
Mit einer beliebten Alternative vergleichen
Compliance Manager GRC
Bewertungen über Compliance Manager GRC
An Essential Part of Our Compliance Portfolio
Kommentare: We have clients that require maintenance of their compliance status for both DoD work and HIPAA.Compliance manager helps us maintain these clients in a state of continued compliance via a variety of means and tools!
Vorteile:
Compliance manager is easy to setup and use.It functions as a vital tool in our toolkit to ensure compliance for our client base.We have utilized other solutions in the past. However, the ability to integrate direct client interaction with scanning and reviewing makes it the perfect fit for our customers and us.The interface is intuitive, the scanning and integration is seamless and the centralized storage location of compliance documentation makes coordination and implementation much less painful.
Nachteile:
The interface for auditing Active Directory could use a little fine-tuning. It would be nice to be more granular with OU filtering.I think that integration would be the only change I could recommend.
In Betracht gezogene Alternativen:
A huge step forward for v2.0, excited to see more to come for GRC
Kommentare: I was glad to staff with RFT because of the improvements of GRC, coupled with Vulscan and NDPro. It is learning a new product, but extends the value of our services to our hybrid work with local devices, networks and cloud SaaS, PaaS, IaaS.
Vorteile:
The ability to craw from multiple data collections and against multiple standards. E.G. Our HIPAA clients also need to be PCI SAQ-C complaint but I never conducted a PCI assessment before because it required a whole new effort. Now we can blend them and charge for the effort appropriately.
Nachteile:
The departure from a question-driven interface requires more time to review the standard to identify what would be considered compliant. It has always been helpful to have the standard immediately accessible if a question required clarification. This takes longer...
Kaseya does not properly support its existing customers
Kommentare: My overall experience with Compliance Manager GRC has been disappointing. Not because of the product, because when it does work it does the job, but the development team is regularly pushing out new features and things which breaks other things, so their quality control leaves a lot to be desired, and as this is a critical toolset for delivering compliance assessments, having it be so unreliable is unacceptable. When we first started working with RapidFire Tools it was the Network Detective product. That worked well so we then purchased Compliance Manager when it first came out, shortly after RFT was acquired by Kaseya. Unfortunately, the quality assurance for new releases and support has gone way down since they became part of Kaseya. I won't even consider another Kaseya product at this time.
Vorteile:
I like the ability to customize the assessment and controls for the specific engagement. I also like the ability to "assign" some tasks to subject matter experts involved in the assessment. Right now, the product doesn't make it easy for the subject matter experts to see the guidance for the specific standard for which I'm asking them to upload relevent control evidence, but that is a feature which, I hope, gets implemented and when it does will make it much easier to step customers through the gathering of the evidence rather than having to continue to rely on spreadsheets back and forth (which we still have to do even with Compliance Manager GRC).
Nachteile:
The things which I like the least about the software is the customer support for when things are broken. There have been numerous issues with both Compliance Manager and Compliance Manager GRC which have broken in the two years we've been using it and while I've requested a root cause analysis no less than three times, even from [sensitive content hidden] of the Compliance Manager product himself, I've received nothing. I've had to cancel compliance final deliverable meetings with customers because the software performed so poorly and even after escalating this as a "Sev-1" to the front-line, still got no response or fix for days.If the question is a simple one that can be solved by the front-line engineers, the support is pretty good, but anything that has to get escalated to the development team for investigation rarely, if ever, gets a proactive response back. In the last case, they clearly did something that broke one of the ways that the modal worked for the Requirements Analysis portion, it was working one day, was broken the next, and I noted that there was an update on that day. It's been two weeks and they STILL haven't identified what the underlying problem is! I run development shops, and step 1 is always, "what did we just push out and how did it impact things," but apparently that's too much process for Kaseya's development team. It's still broken, 2 weeks later.
Not ready for CMMC or 800-171 compliance
Kommentare: We tried to get out of it when we realized how much it lacked in the CMMC realm, but the company ties you to a three year agreement, which we desperatly tried to get out of. The one saving grace they have is, they will let you give up the licenses and use a different product of theirs (like ITGlue) instead, which should let us recapture the cost.
Vorteile:
This software does a really good job on collecting data off your network which will be useful in an audit. Additionally it gives you really good ways of tracking certain data for the cleint.
Nachteile:
The software is not geared toward helping you meet the requirements for an audit like CMMC. Compare this to a program like FutureFeed.co (specifically for doing CMMC Audits) and it falls down in letting you know where you are in the process, building your SSP and POA&M, doing your SAC and more. It is much more an extension of their Network Detective data gathering program, and much less a CMMC compliance walk through program.
Compliance Burden Automation and Standardization
Kommentare: Compliance Manager provided three keys improvements:1) Automation for what had been a manual discovery process 2) Standardizing processes and deliverables across multiple compliance domains 3) Foundation for perpetual service offerings and deliverables
Vorteile:
Using Compliance Manager as a compliance tool for multiple domains - HIPAA, NIST CSF, Cyber Insurance, and GDPR.
Nachteile:
The scanning installation is fine for on-premises Windows environments; however, cumbersome for non-Windows devices. Cloud support for scanning is limited and a big minus. Matches well with smaller to medium size scope, but the logistics of installing a scanner is challenging for large environments. A request is to provide mapping of control areas between compliance domains, and integrated evidence cataloging and pointers.