-
Industry First: BMC Maps BSM to COBIT Best Practice Framework
-
Customers See BMC Identity Management, Change and Configuration Management, and Data Management and Recovery as Drivers of Compliance Success
-
Important Vulnerability Management and Mainframe Change Management Partnerships Announced
HOUSTON, March 12, 2007 – As companies look to optimize IT governance and respond to compliance mandates, BMC Software (NYSE: BMC) today announced the unprecedented alignment of Business Service Management (BSM) with COBIT, enabling customers to achieve continuous compliance with government regulations, industry best practices, and internal policy requirements by controlling and automating their daily IT environments.
The acknowledged leader in Business Service Management, BMC is the first enterprise management software provider to help customers make this critical connection between COBIT and BSM. BMC competitors such as CA and HP Software currently do not provide their customers with this practical guidance and capability.
“Companies today must comply with an expanding list of regulatory and internal policies,” said Greg Valdez, chief information officer, BMC Software. “This requires CIOs and IT managers to drive a posture of continuous compliance in their organizations and processes. As an internal consumer of BMC’s BSM solutions, I know how important it is to approach this challenge in an integrated way that clearly maps BSM to COBIT, the leading IT control framework.”
BSM brings to life many of the best practices set forth in COBIT and ITIL, as well as industry standards, such as ISO 20000 and ISO 20001, thus enabling customers to develop a continuous compliance capability that is integrated into the day-to-day operations of the IT department. The foundation of BMC’s ability to address customers’ compliance needs includes Change and Configuration Management, Identity and Access Management, and Data Management and Recovery. By adopting BSM, BMC customers can dramatically enhance their compliance posture and simultaneously align IT with business priorities to improve performance.
“Automating with BMC Identity Management has reduced the cost and effort of compliance,” said Brian McPhedran, area vice president of IT Risk Management, AEGON Canada. “We are in a better position to fulfill the requirements of our business units for system access, automated password management, and proper removal of access privileges – and can do this in a faster, more auditable manner.”
The automation of IT controls is critical in addressing the complexity of regulatory and operational compliance. Organizations that automate IT control can reduce the cost of compliance and proactively detect and correct IT issues before they affect the business.
“According to our compliance market research, by 2008 more than 75 percent of large and midsize companies will purchase controls automation and monitoring solutions,” said French Caldwell, research vice president, Gartner, Inc. “The results of our research indicate that standardization of controls and automation will reduce the scope of manual process controls by 70 percent and help customers generate the most collateral business value from their compliance investments.”1
A fundamental element of demonstrating regulatory compliance is the ability to assess and manage IT risks or threats as they relate to the operations of an enterprise. Complementing and extending the value of BSM, BMC is now partnering with eEye Digital Security, a developer of endpoint security and vulnerability management software solutions, to enable customers to identify, store, isolate, secure, and patch vulnerabilities in their IT infrastructure.
Additionally, BMC is working with Pristine Software whose product, SysChange, manages change approval, packaging, and execution for mainframe environments. Combined with BSM, these partner solutions minimize the risk of security threats and ad-hoc changes on business operations, while providing the evidence required to prove the desired security and compliance posture is being met.
