Agiliance Launches On-Demand PCI Compliance Service

PRESS RELEASE

San Jose, California – February 8, 2011 – Agiliance ', Inc., the leading independent provider of Governance, Risk and Compliance (GRC) solutions, today announced the launch of Agiliance Continuous Compliance Service™ (CCS) for PCI . The cloud solution manages the entire PCI life cycle to overcome the dilemma of continuous consulting and transition to an approach of continuous compliance instead, with an investment payback ranging from two to six months for Level-1 and Level-2 merchants. Agiliance CCS for PCI enables organizations to rethink PCI compliance by starting small and thinking big as they build a world-class GRC program to satisfy all internal and external stakeholders over time. The new requirements of PCI 2.0 present a daunting challenge. They require an organization’s existing security policies to include virtualized environments, policy governance, risk remediation and 100 percent asset coverage. The sheer volume of data required to scope, analyze, mitigate, certify and maintain people, assets, data sets and applications renders the traditional approach of continuous consulting in combination with Microsoft Excel spreadsheets ineffective. According to Verizon in their 2010 PCI report[1] <#_ftn1> , only 22 percent of businesses achieved compliance at Initial Report of Compliance (IROC). An independent survey conducted by PSC Payment and Security Experts reveals that this number falls to 18 percent within 60 days of certification. Consequently, many organizations will be pressured to improve the way they operate and automate their PCI compliance process. "Business is dynamic and in a constant state of flux—demanding that organizations have a continuous and intelligent approach to managing compliance in the context of a changing business,” said Michael Rasmussen, president of Corporate Integrity, a GRC strategy advisory firm. “Agiliance is an example of a vendor that is delivering on Regulatory Intelligence with its Continuous Compliance Service aimed at PCI compliance." Agiliance CCS for PCI is the only cloud solution in the market today that provides a complete set of content, tools and audit-ready reports that an organization and their auditors require for all five stages of the PCI compliance life cycle: Scoping, Gap Analysis, Remediation, Certification and Maintenance. Achieving compliance with the standard requires a combination of business processes and technology integrations for continuous monitoring and auditing to ensure full asset and data protection. Agiliance CCS for PCI does this and applies to PCI PA DSS 2.0 and 1.2.1 standards. With Agiliance CCS for PCI, organizations can achieve the following benefits: >> Certify 61 percent faster >> Save over 50 percent in costs >> Remove audit fatigue >> Improve reputation >> Achieve real-time monitoring of PCI compliance status >> Provide current documentation, evidence and reports for both internal resources as well as external consultants (e.g., Qualified Data Security Companies and Qualified Security Assessor) Tom Arnold, a partner at PSC Payment and Security Experts and previously the CTO at InfoSpace and CyberSource, was engaged by Agiliance as a PCI Qualified Security Assessor (QSA) expert. PSC reviewed the Agiliance PCI Cloud Service design goals: to help QSAs and client organizations jointly address PCI 2.0 requirements; enable continuous certification checks; and reduce audit fatigue. Agiliance CCS for PCI is well positioned for solution providers like IT resellers and consultants to enable clients to streamline and improve their PCI program in the face of PCI 2.0 requirements. To reward consultants that refer business to Agiliance, a new affiliate program will be launched by April 2011. Agiliance CCS for PCI is priced at US $87,500 per annum and sold by all Agiliance channels. Trial pre-registrations are accepted immediately -- free trials start March 1, 2011. For further information, please visit http://www.Agiliance.com or visit us at the upcoming RSA Conference 2011 in San Francisco (booth # 2351).

About Agiliance

Agiliance is the leading independent provider of Governance, Risk and Compliance (GRC) solutions. Delivered on-demand or on-premise, Agiliance GRC technology minimizes manual auditing through scalable automation to enable closed loop risk management and continuous compliance. Agiliance customers use real-time risk analysis to optimize business performance and make better investment decisions. Unlike legacy offerings that can take nearly a year to deploy, Agiliance's Global 2000 and public sector customers deploying the Agiliance RiskVision™ platform achieve demonstrable value within 30 days on-demand, and within 90 days on-premise, made possible by Agiliance's extensive library of technology integrations and GRC content. Agiliance RiskVision scales with businesses, effectively managing data, assets, people and processes to achieve 100 percent risk and compliance coverage. For more information, please visit www.agiliance.com .