GTP and Relational Security Partner to Streamline Third-Party Security Audits; New Offering for the Financial Services Market is Based on BITS Security Guidelines

Business Wire, Dec 8, 2004

NEW YORK -- Greenwich Technology Partners (GTP(R)), today introduced a new service that helps financial service firms cut the time and expense required for security audits of Third-party Service Providers. GTP is a leading global provider of IT Professional Services, and Relational Security, a provider of Risk Assessment and Ongoing Compliance Management Software.

Under regulations such as Sarbanes-Oxley and the Gramm-Leach Bliley Act, financial service firms are responsible for maintaining prudent security controls for regulated data, even when outsourcing key functions to Third-party Service Providers (TSPs). As a result, firms find themselves spending tremendous amounts of time and money performing security audits of TSPs to ensure compliance.

Using Relational Security's RSAM(TM) security assessment and ongoing compliance software, GTP has created custom tools for TSP audits based on the BITS IT Service Providers Expectations Matrix. The Expectations Matrix was created by the nation's leading financial institutions through BITS, a nonprofit industry consortium founded in 1996 to foster the growth and development of electronic financial services and e-commerce for the benefit of financial institutions and their customers. The matrix outlines in detail financial institution expectations for the security of information and personnel, as well as policies and processes for ensuring physical security, including critical disaster recovery/business continuity issues. (For more information about BITS visit the BITS website at www.bitsinfo.org. The Expectations Matrix is available for free download at www.bitsinfo.org/wp.html.) These tools allow GTP consultants to audit TSPs rapidly and accurately, producing detailed reports suitable for submission to internal or external auditors at a competitive cost.

"TSP security audits are frequently a bottleneck in the deployment of IT projects and can delay time-to-market for new services," said Brian Cincera, Vice President of Security Solutions at GTP. "Our new offering helps companies quickly clear the audit backlog while adhering to industry-accepted standards. It can provide a substantial cost savings over traditional approaches to auditing third party security."

"Businesses are looking for efficient, sustainable processes and tools with superior reporting capabilities to manage and comply with the increasing number of regulations and standards in the industry," said Vivek Shivananda, President & CEO of Relational Security Corporation. "RSAM(TM)'s open and adaptable framework in combination with dynamic multiple rule-sets, have allowed GTP to create a custom solution that meets the unique requirements of the financial services industry."

About Greenwich Technology Partners

Greenwich Technology Partners (GTP) helps corporations maximize the value of their IT investments with an emphasis on Threat Management, IT Optimization, and Applications Resiliency. GTP employs a unique combination of technical expertise and business acumen to help clients reduce costs, improve operational integrity, reduce the threat of internal and external threats, and comply with increasingly complex regulations.

Founded in 1997, GTP delivers services worldwide and maintains offices in North America and Europe. For additional information, contact GTP at 1 (888) 367-4871 or visit www.greenwichtech.com.

About Relational Security Corporation

Relational Security Corporation (RelSec) is a provider of comprehensive Security Risk Assessment and Ongoing Compliance Management Software solutions focusing on Enterprise Risk Assessment, Ongoing Compliance & Risk Management, and Audits & Risk Inventory. Our breakthrough technology RSAM(TM) can quickly adapt to any client situation/environment and accommodate multiple compliance requirements within a single framework. RSAM(TM) blends an intuitive multi-user, web interface with practical & best of breed security risk assessment methodology.