May 16, 2018 - Colorado Springs, CO – Cherwell Software, LLC, (“Cherwell”) a global leader in enterprise service management, today announced the launch of its Cherwell Information Security Management System (ISMS) designed to better support your organization’s compliance with the General Data Protection Regulation (GDPR) ahead of the European Union’s compliance deadline of May 25, 2018.
This new ISMS product integrated with the Cherwell® Service Management platform provides organizations with a unified solution to govern and manage GDPR compliance efforts, incident workflows, and data subject service requests through its ISMS. It is designed to enable quick and easy mapping of GDPR articles to common security controls.
“GDPR is a far-reaching regulation that requires serious thought and planning to implement correctly, even for the most privacy-mature organizations,” said Matt Klassen, VP Product Marketing, Cherwell Software. “The updated Cherwell ISMS solution helps organizations get the visibility needed to understand where they are with regard to compliance, plug gaps that exist, and reduce the risk of non-compliance.”
Businesses that must be compliant are facing the prospect of using disparate spreadsheets and systems to manage various aspects of GDPR governance, risk, compliance, and security incident management. The Cherwell solution gives businesses a standardized system for capturing compliance regulations (GDPR articles) and requirements and mapping to security controls in the familiar Cherwell Service Management dashboard.
Key features of the Cherwell ISMS solution include the abilities to:
- Create security events from multiple sources, including integrations with external security incident and event management (SIEM) solutions.
- Link security events to IT incident and change management processes and tasks to streamline actions across functional teams when response time is critical.
- Create security incidents based on security event threshold breaches or escalations.
- Follow industry-standard National Institute of Standards and Technology (NIST) guidelines, including strict role-based, access controls already built into the solution.
Added benefits in this latest release offer enhancements to support requirements of the GDPR including:
- Manage multiple frameworks, controls and policies for compliance.
- Extended risk assessment capabilities, such as simplified risk scoring and added risk types.
- Ability to add exemption management within the platform.
The General Data Protection Regulation (“GDPR”) is the European Union’s new privacy law. The new rules are broad, affecting companies that collect personal information of individuals in the EU. In addition to helping customers manage GDPR compliance through our ISMS offering, Cherwell is committed to being GDPR‑compliant across all of our services when enforcement begins on May 25, 2018. Cherwell has implemented security processes and controls to help protect customer data. Additionally, Cherwell holds several important security and privacy certifications, including the EU-U.S./Swiss-U.S. Privacy Shield, which in addition to our ISO 27001 and SOC 2 certified data centers, help us comply with industry standards and regulations.
The new ISMS for Cherwell Service Management is available now for currently supported versions. For more information, please visit https://www.cherwell.com/products/information-security-management.
About Cherwell Software
Cherwell (@Cherwell) empowers organizations to transform their business through the rapid adoption and easy management of digital services. Cherwell’s adaptable platform has enabled thousands of organizations to modernize their business operations with customizable service management, automation, and reporting across the enterprise. For more information, visit: http://www.cherwell.com.
Kim Smith/Melanie Pretty
éclat Marketing for Cherwell Software
T: +44 (0) 1276 486000