Information security of cloud and virtualisation-based IT services has already emerged as a new frontier.  But it still requires progressive innovation to make it so safe that it becomes the only option for the public services, and industry generally.  The iGRC capability is an ideal instrument for the automation of threat level minimisation and associated control status maintenance in the cloud and virtualisation services marketplace.


Similarly, the move to software systems that virtualise hardware platforms, operating systems, storage devices and network resources also creates the opportunity for threat level and linked control status management.


At the forefront of IT innovation, covering off the very best in information security techniques, capability and services, like virtualisation, iGRC will now also be viewed as part of the overall trend in enterprise IT.  The iGRC Consortium provides autonomic information security, a scenario in which the IT security environment, in question, will move much closer to self-management of perceived and actual threats, vulnerabilities, controls, regulation and standards.  This is made possible by the integrated control and threat environment provided by the Proteus® information security management system and the coupled sensor systems supplied and championed by our lead network level partners – Assuria and Nexor via the GRCiP protocol.


The iGRC range of technologies and services fully support dynamic, integrated, information assurance infrastructure cloud services (Infrastructure as a Service - IaaS), platform cloud services (Platform as a service - PaaS), application cloud services (Software as a service -SaaS) and business process cloud services (Business process as a service - BPaaS).


Uniquely, the iGRC capability creates one harmonised enterprise information assurance community, that is to say assets, controls and sensors, serviced by risk managers and compliances managers in a rapid risk avoidance and minimisation cloud based system.