Technical Details of Integration between IT GRC Systems on One Hand and Vulnrability and Compliance Management Solutions on the Other
Author: Marat Rakhimov
The talk will address the integration of an IT GRC system and a vulnerability and compliance management system (VCMS) using their embedded mechanisms. The speaker will demonstrate how on the basis of an XSD scheme of a VCMS report to create a reference XML report sample, containing all possible components and attributes of VCMS reports. He will also show a universal XSLT transformation, which adapts the structure of an initial VCMS report for loading to GRC. The speaker will consider possible issues of integration and give recommendations on how to avoid them. The audience will learn how gained data can be applied in GRS for vulnerability and compliance management.
Marat Rakhimov is a design engineer at Gazinformservice. He is an SPbNRU ITMO graduate (2013) specializing in information protection organization and techniques. Marat is a certified administrator of the platform RSA Archer GRC.