Resolver 3.0 brings Active Data Warehousing and Continuous Assessment to the Risk & Security Market

Toronto, ON, — Today, Resolver Inc., the leader in integrated risk and security management, announced the release of Resolver 3.0 platform and applications for Enterprise Risk Management, Operational Risk Management, IT Risk and Compliance Management, Vendor Risk Management, Compliance, Incident Management, Security Risk Management and Internal Audit.

Recognized on Gartner’s Magic Quadrants for Integrated Risk Management and IT Risk Management for its ease of use, configurability and integration, the release of Resolver 3.0 extends Resolver’s leadership by bringing continuous risk assessments to the market with its innovative Active Data Warehousing and analysis capabilities.

Resolver 3.0 introduces an Active Data Warehouse that provides real-time and historical access to data in the system. Every change made to any risk or environment variable is automatically captured and time stamped in Resolver. In most other systems, data instances are transient: when data is updated, previous data is either overwritten, or a snapshot is taken for a specific variable without any supporting context.  

With this power, organizations now have the ability to:

• Manage risk at the pace of business. Real-time monitoring of changes and trending of key variables – e.g. risk and control assessments, KRIs, incident and loss events and trending.
• Increase the speed and precision of mitigation activities. Quickly rewind all data to a specific point in time to understand the context of risk and compliance activities and the impact of past changes.

“Risk owners will now have the ability to easily update their risks and controls at any time, as soon as they see any changes, without the traditional risk assessment overhead,” said Will Anderson, CEO, Resolver. “This means that risk teams will be able to continuously monitor KRIs, such as the volume and trend of specific risk events,  and trigger assessments as soon as they are out of tolerance.  They can now proactively mitigate the risk before it impacts business objectives. Resolver 3.0 also enables risk teams to access historical data if necessary, helping them to better understand the state of all related risk data at any point in time. Risk managers can now get a full picture of the specific conditions of when a change was made and its impact over time.”

Manage Risks and Incidents Across the Enterprise in a Single Solution 

Enterprise and Operational Risk

Resolver’s Risk Management Software enables risk teams to help the organization understand and take action on strategic and operational threats to reduce the negative consequences of events and incidents. With Resolver 3.0, risk professionals will be able to leverage:  

• Continuous Assessments: Capture and analyze risks in real time, obtaining deeper insight into risk concentrations within a business function as a change in conditions are detected.
• Trend reporting: In-app Active Data Warehouse reporting that tracks daily, weekly, monthly, and annual trends of risk assessments, control assessments, KRIs, and other key metrics.
• KRIs: Set KRIs aligned to risks and business objectives and get alerts when they breach risk appetite thresholds.
• Risk events: Easily collect, categorize and analyze loss events in a standard format all across the organization, reducing the likelihood of occurrence.

IT Risk and Compliance

Resolver IT Risk and Compliance Software automates processes to reduce cost, resources and effort required to effectively manage cybersecurity programs, provide risk oversight to executives and the board and achieving IT certifications such as SOC-2, ISO27001 and others

With Resolver 3.0, IT Risk professionals will have access to:

• Trend reporting: In-app Active Data Warehouse reporting that tracks daily, weekly, monthly, and annual trends of risk assessments, compliance gaps, issues and other key metrics.
• Test once apply to many frameworks: Associate controls and assessments to multiple requirements and citations to certify against multiple frameworks without duplicating effort.
• Content Subscription: Predefined content and ongoing updates for SOC 2, NIST CSF, ISO 27001, ISO 27002, NIST 800-53, PCI DSS, HIPAA, COBIT 5 and 5 additional frameworks.

Internal Audit

Resolver’s Internal Audit Management Software uses an agile, risk-based approach to help teams plan and manage audits more effectively. It provides an integrated view of key risks to the organization and the related assurance activities needed to support efficient and effective assurance planning and coverage.

With Resolver 3.0, Internal Audit professionals will have access to:

• Integration with Enterprise Risks: Access real-time ERM results, auditable entity risk factors and risk trending to prioritize audit plan
• Trend reporting: In-app Active Data Warehouse reporting that tracks daily, weekly, monthly, and annual trends of auditable entity risk scores, control assessments, KRIs, and other key metrics.
• Testing and fieldwork: Templates with embedded IPPF guidance are included, and rich text editing can be used to create presentation quality reports and narratives.
• Simplified audit client experience: A portal for audit clients to manage all audits, documentation requests, issues, and corrective actions that are relevant to them. Reduce audit fatigue of multiple requests via emails from multiple sources.

Vendor Risk Management

Resolver’s Vendor Risk Management application enables risk teams to reduce the impact and severity of potential incidents by better understanding the volume and complexity of 3^rd party risks. New features in the 3.0 release include:

• Continuous Assessments: Vendors can be assessed on an ongoing basis, not only specific milestones like onboarding and renewal.
• Trend reporting: In-app Active Data Warehouse reporting that tracks daily, weekly, monthly, and annual trends of risk assessments, vendor engagement and other key metrics.
• Simplified Vendor Experience: Improved access portal for vendors to quickly address issues and missing documentation, allowing the Risk team to stay ahead of potential control gaps for critical vendors.
• Enhancements to Vendor Questionnaires: View real-time progress completion of vendor questionnaires eliminating manual follow ups. The scorecard on the questionnaire brings immediate attention to any at-risk vendors.
• Geolocation: Easily visualize the locations of vendors to highlight concentrations of supply chain risk.

Compliance Risk Management

Resolver’s Compliance Management application helps easily organize, manage and keep up with regulatory requirements for efficient and comprehensive compliance. Compliance professionals will now also have access to:

• Regulatory change alerts: Receive, prioritize and assign alerts to regulatory changes, new legislation and bill drafts within 40 days. Reduces the need to manually monitor multiple sources to keep ahead of changes. 
• Regulatory source report: View your requirements data against specific regulatory sources in addition to Topic/Sub-Topic for simplified reporting to regulators.
• Continuous requirements assessment: Capture and analyze requirement risks in real time, obtaining deeper insight into compliance changes across time within a business function and eliminating administrative effort of rescheduling recurring assessments.
• Business unit level reporting: Reporting at business unit level to allow better insight into control gaps and requirement exposures including heatmaps, as company level reports themselves are too high level. 

Incident Management

Resolver’s Incident Management application is an end-to-end solution for responding to, reporting on, and investigating incidents. It helps teams understand what’s happening and why, so that they can manage resources, minimize impact and prevent incidents. Incident Management is a part of Resolver’s larger security offering. Resolver’s security solution includes: Investigation and Case Management, Security Operations Management and Security Risk Management. Resolver 3.0 will also offer security professionals:

• Incident Trending: Visualize historic incident data across time to find trends, better prioritize resources, and respond to incidents effectively.
• Geolocation: Capture location data and visualize your incidents and threats on a map.
• Key security indicators: Dashboard indicators highlighting key investigation and case metrics