Microsoft’s Compliance and Risk Process Management Pack and IT Compliance Library - an update from Sai Sireesh

Last week was extremely exciting for our team. Our focus on simpler, faster and cost effective solutions got a boost.

Over the years, Microsoft has a fairly large footprint in the Risk Management and Compliance Solutions technology.  We work with a rich ecosystem of over 150+ best of breed Risk Management and Compliance solution providers to offer their applications to clients on our platform.  We also have a few thousand clients who have bet their Risk Management and Compliance blueprints on our end-to-end interoperable technology as foundation.

But to make our end-to-end value proposition even stronger, last week Microsoft released its Compliance and Risk Process Management Pack and  IT Compliance Management Library Beta.  These latest offerings focus on the agility and automation pillars of our approach to Risk Management and Compliance solutions.

The Compliance and Risk Process Management Pack for System Center Service Manager 2010 helps provide end-to-end compliance management and automation for client and server computers. The IT Compliance Management Library (ITCML) is designed to help IT workers, managers, and partners configure Microsoft products to address specific IT GRC requirements. These solutions help customers understand and bind complex business objectives to their Microsoft infrastructure. This Beta release includes control activities and test automation for Windows Server® 2008, Windows Server 2008 R2, and Windows® 7.
 
Microsoft System Center Service Manager helps reduce costs and improve IT responsiveness through the power of its integrated platform. With built-in processes and workflow for incident and problem resolution, change control, and its con-figuration management database, Service Manager orchestrates activities and connects knowledge with System Center Operations Manager, System Center Configuration Manager, and Active Directory® Domain Services.

IT Compliance Management Library
The ITCML takes advantage of the ability of Microsoft System Center Service Manager to integrate with System Center Configuration Manager, System Center Operations Manager, and other systems to automate the monitoring, validation, and reporting of the compliance state of Microsoft products. This solution bridges the knowledge gap for IT professionals by translating auditor expectations into real IT tasks through the use of control activities that are specific to a particular technology or platform. The supplied control activities bind complex IT GRC requirements, stated as control objectives, to actual product configuration settings and events. System Center is then able to act as a GRC management and over-sight solution for your organization.

The ITCML ships with several new features, including:
• Control activity libraries for Windows Server 2008, Windows Server 2008 R2, and Windows 7 that contain specific policy, technical, and configuration guidance
• IT Compliance DCM baselines for System Center Configuration Manager 2007 R2
• IT Compliance Management Packs for System Center Operations Manager 2007
• A Test Automation to automate the validation of control activities
 
These can be downloaded from microsoft.com/grc