PRESS RELEASE

BURLINGTON, Mass., Sept. 14 /PRNewswire/ -- ClearPoint Metrics today announced a major expansion to its product offering with the delivery of four new Compliance oriented Metrics Application Packages (MAPS) and the integration of the ClearPoint Security Performance Manager (TM) and its compliance offering into a single solution - The ClearPoint Unified Security Performance and Compliance Manager. The new ClearPoint Compliance MAPS are available for reference in ClearPoint Metrics Catalog(TM) of security metrics and scorecards at http://catalog.clearpointmetrics.com. Access to the catalog is free of charge, and feedback is encouraged.

The new Compliance Packages provide fact based automated metrics that map directly to each of the compliance framework prescribed controls. The metrics are visually presented in scorecards that depict the current state and trend of compliance efforts. This enables organizations to institute "continuous control monitoring and audit process" based on real facts and data rather than opinion and surveys. The recently released packages are:

PCI DSS Compliance Management

SOX Compliance Management

North American Electric Reliability (NERC) Compliance Management

Healthcare Compliance Management

Federal Information Security Management Act (FISMA)

ClearPoint Metrics Catalog makes available for reference the company's vast research into security metrics and the inventory of know-how needed to consistently and reliably measure, monitor, and communicate the state, business impact, and effectiveness of IT and information security investment initiatives. The Catalog makes it easy to examine the details behind ClearPoint's scorecards, metrics and data adapters. The Catalog includes a series of free downloadable samples of the scorecards and metrics in each Metric Application Package.

"It is becoming increasingly important that organizations automate their security control audit and monitoring functions to both control costs and decrease risk of non-compliance," says Jim Acquaviva CEO of ClearPoint Metrics. "The ClearPoint solution unifies compliance monitoring and corporate performance management (CPM) for security and risk into a single product that addresses both the business intelligence (BI) and C level security intelligence needed to make more effective decisions."

Fundamentally different from all other solutions, ClearPoint's packaged metrics and scorecards are completely data-aware and ready-to-attach to an organization's security and enterprise applications as delivered. Additionally, each Metric and Scorecard is fully customizable with ClearPoint's Metrics Design Studio(TM). All content is based on extensive field research by ClearPoint metrics experts and in collaboration with industry leading organizations, users, and domain experts. Metrics and Scorecards are mapped and cross referenced to both legislative and industry best practice frameworks such as ISO, delivering the know-how needed to provide constant auditing and control monitoring required for IT security governance, risk, and compliance initiatives.

"To improve the effectiveness of CPM and BI investments, consider the following:

-- Establish a BI and CPM competency center that brings together business and IT personnel to determine reporting issues and how to align technologies to address any concerns.

-- Understand how CPM can benefit the organization, and work in close collaboration to enable CPM platforms that are consistent with the IT portfolio.

-- Define and deploy an enterprisewide metrics framework. Organizations need to have a consistent set of clearly defined performance metrics, aligned to corporate strategy and recognizable by all stakeholders."

ATV: 2009 Gartner FEI Technology Study Research Collection, 31 August 2009 by John E. Van Decker Research VP

The ClearPoint Metric Application Packages are built on ClearPoint's methodology for designing relevant, actionable, and trustworthy security metrics that are aligned to an organization's objectives and reporting structure. The company's exclusive 'Metric Roll Up' capability enables organizations to fuse together data from a wide variety of security and enterprise applications, generate metrics, and then 'slice & dice', group, and sort the metrics into scorecards and dashboards appropriate for the audience or stakeholder. The end result is that users collaborate around visually rich scorecards that provide high level indicators with the ability to drill in to fine grain details and root causes, enabling executives and managers to make decisions with information that is consistent and trustworthy.

About ClearPoint Metrics

ClearPoint Metrics is changing the way organizations drive improvement in IT and information security initiatives through the use of metrics and scorecards.

ClearPoint Metrics solutions enable IT and Security executives and their teams to consistently and reliably measure, monitor, and communicate the state, business impact, and effectiveness of their IT governance, risk, and compliance initiatives. Our solutions make it possible to easily access, aggregate, and fuse together data from any application, server, or network device, transforming raw data into useful security performance metric information for higher quality communications and more confident decision making.

Our innovations take the cost and friction out of obtaining the hard facts and data required for actionable IT and security performance assessments and solid compliance reviews. ClearPoint makes it possible for business managers to interact with security performance information in the context of their objectives and use it to take meaningful action.

SOURCE ClearPoint Metrics