Dashboard Insight recently spoke with Modulo's founder, Alvaro Lima, about their GRC product line, why they set up shop in the U.K. recently and what's causing their business to grow in these challenging times.
Dashboard Insight: Tell us about the history of Modulo.
Alvaro Lima: Modulo was founded in 1985 and today has 350 employees throughout the world. In 2006, the company expanded operations and partnership outreach to the United States with its office headquarters in Montclair, N.J. Today, the company is present in 21 countries comprising a portfolio of more than 400 clients worldwide.
DI: What areas of the B.I. stack do your GRC solutions cover?
AL: Apart from governance, risk and compliance, Modulo Risk Management is a comprehensive solution for asset management, risk assessment, business continuity management, policy management and vendor risk management.
DI: Could you elaborate on the Modulo Risk Manager cycle (inventory, analyze, evaluate and treat) and how it benefits your clients?
AL: Risk management is performed through a risks-management cycle composed of inventory capture, analysis, evaluation and treatment. The inventory consists of mapping an organization’s assets, business processes and threats. The inventory structure is easily implemented by defining organizational, physical or process perimeters, as well as using tools that automate the entire activity.
Supported by a knowledge base that is constantly updated by a MSLAB research team, Risk Manager helps perform risk analysis of several kinds of assets. The analysis can be automated by using automatic controls as well as web and offline-based questionnaires. There are more than 4,000 automated collectors for distinct types of assets that are distributed in several knowledge bases, comprising more than 16,000 controls.
Each resource is identified according to its relevance to the business. Risk evaluation is performed by generating objective and practical reports, with executive, tactical and operational views. These reports can be presented in different views such by assets type, perimeters, business processes and threats. This enables the verification of which assets or business processes run higher risks. Through a specific module, risks can be classified as acceptable or are targeted for treatment. Finally, risk treatment is performed by observing recommendations and best practices. Through a web module, it is possible to manage the controls-implementation process.
DI: How does your structured Risk Manager methodology set you apart from the competition?
AL: Modulo has recently released an upgrade to its Modulo Risk Manager software with an unique methodology not found in any other IT GRC solution. The software provides an exclusive dashboard offering detailed results for governance, risk and compliance actions. Tailor-made graphics and reports can be designed to meet specific needs within every organization. Another feature that reinforces Modulo Risk Manager pioneering features is the inclusion of Enterprise Risk Management. The software can generate a risk-oriented report based on several categories – including impact and probability – facilitating the response to foreseen incidents. Finally, in addition to the 16,000 controls, Modulo provides a clear recommendation on how to solve problems the technology comes across, transferring the knowledge acquired by our consulting team to the client.
DI: What’s the process if someone wants to evaluate your solutions?
AL: The process is simple and straight forward, by contacting us (tel. 866-663-5802 or www.modulo.com) we are able to provide all the support needed for a complete evaluation. After contacting us, we provide a password which gives access to a trial version via web or a copy that can be downloaded.
DI: Tell us about your customers, what key clients are using your solutions?
AL: Modulo has a solid network that includes 70 partnerships in 21 countries and a portfolio with more 400 clients worldwide. This business model was successfully implemented in the United States thanks to partnerships with high-profile clients across the country. Recent Modulo Risk Manager’s users include IBM, Shell, NYU Langone Medical Center, Delta Dental, Greenstone and Munder Capital.
DI: In an effort to reinforce your presence in Europe, you opened a UK office this past January. Has the state of the world economy affected this move?
AL: We have consolidated our presence in Europe due to an expressive demand for our product. This scenario has not change with the recent changes in the world economy. In fact, the demand has increased substantially since then. This is due to the fact that organizations see GRC as a crucial part of their operations and even more so during difficult times.
DI: So the recent economic troubles have had a positive effect on the demand for your products?
AL: In these challenging times companies run the risk of making cuts that will directly affect infrastructure protection, identity administration and other security and risk management and compliance-related issues. Our customers and partners, particularly those with international operations, are aware that careful attention to the risks these cuts can impose on IT services can prevent unexpected negative effects on their business’s goals and objectives. In that respect, as mentioned previously, organizations understand that governance, risk and compliance must play a key role in their operations. This has had a positive impact on our growth, so much so, that our growth forecast for this year ranges between 60% to 70%.
DI: What new products or developments are in the works that you would be able to share with us?
AL: Modulo will soon launch a state-of-the-art solution: a new version of our policy management. It allows the dissemination, control, management and storage of an organization’s policies in line with their governance of corporate policies and standards.
Last month Modulo, together with CIDG Corp and Berkana Resources, launched the first ever comprehensive security and compliance solution designed to protect supervisory control and data-acquisition (SCADA) systems responsible to control processes such as maintaining power, water and oil supply.
Mr. Lima founded Modulo in 1985 with the vision of helping business become secure, as their reliance and use of information technology grows over time. He is an international speaker at global GRC events and co-author of numerous technology publications. Mr. Lima holds an undergraduate degree in Information Science from the Federal University of Rio de Janeiro (UFRJ), an Executive MBA from the Institute of Administration at the Federal University of Rio de Janeiro (COPPEAD/UFRJ), an Executive MBA from Nova University, Florida-USA with specialization at the IMD International Business School, in Switzerland.