PRESS RELEASE

Sunnyvale, Calif. - May 15, 2012 - Agiliance®, Inc., the leading independent provider of Security and Operational Risk Management (SRM) solutions for Governance, Risk, and Compliance (GRC) programs, today announced the release of the Agiliance Federal Risk and Authorization Management Program (FedRAMP) Content Pack, which includes the baseline controls required for FedRAMP security assessments and authorizations of Cloud Service Providers (CSPs).

FedRAMP, developed by the National Institute of Standards and Technology (NIST), the U.S. General Services Administration (GSA), the U.S. Department of Defense (DOD), and the U.S. Department of Homeland Security (DHS), provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. The FedRAMP security assessment process is also aligned with the security controls and guidance in NIST Special Publication 800-37.

The Agiliance FedRAMP Content Pack encompasses all the security controls that commercial and government CSPs must implement within a cloud computing environment to satisfy FedRAMP requirements. It includes 168 security controls and will be supplemented with the System Security Plan (SSP), Security Assessment Plan (SAP), and Security Assessment Report prior to the Initial Operating Capability of FedRAMP.

"The U.S. government is moving quickly to adopt cloud computing, both for its own datacenter consolidation projects and now for its cloud service providers, in order to improve operational efficiency and real-time security visibility," said Torsten George, vice president of worldwide marketing and products at Agiliance. "With the addition of new cloud security intelligence in the FedRAMP Content Pack, Agiliance enables government agencies to implement continuous monitoring as prescribed by NIST, FISMA, and now FedRAMP."

Agiliance RiskVision can be deployed as a cloud service or on premise. The Agiliance FedRAMP Content Pack with Agiliance RiskVision Compliance Manager exceeds all five requirements for use by FedRAMP authorized Third Party Assessment Organizations in the following ways:

. Increases re-use of existing security assessments across agencies . Saves significant cost, time, and resources - "do once, use many times" . Improves real-time security visibility . Supports risk-based security management . Provides transparency between government and CSPs

Pricing and Availability

The Agiliance FedRAMP Content Pack is available immediately at no cost with the Agiliance RiskVisionT platform.

Please visit the Agiliance website for more details or join us at Gartner Security & Risk Management Summit (booth #84), June 11 - 14, 2012 in National Harbor, MD for a demonstration of Agiliance Security Risk Management solutions.

About Agiliance

Agiliance, founded in late 2005, is the leading independent provider of Security and Operational Risk Management solutions for Governance, Risk, and Compliance (GRC) programs. Agiliance RiskVision enables Global 2000 companies and government agencies to automate their GRC management processes; and the same platform orchestrates incident, threat, and vulnerability actions in real time. Unlike legacy offerings that take nearly a year to deploy, Agiliance customers demonstrate automation use cases within 30 days on-demand, and within 90 days on-premise, made possible by Agiliance RiskVision's configurable platform and applications, with a broad library of technology integrations, and GRC content. Agiliance RiskVision scales with businesses, effectively managing data, assets, people and processes to achieve 100 percent risk and compliance coverage. Its real-time risk analysis leads to optimized business performance and better investment decisions. For more information, please visit www.agiliance.com.