5/7/2006 - Prevari Releases Technology Risk Manager 3.0

Prevari Brings to Market Quantitative Analytical Tool for IT Risk Measurement, Modeling and Management.

Minneapolis, MN. April 7, 2006 – Prevari, a Security Risk Management product company today announced the official release of its newest version of the Technology Risk Manager (TRM) product line, now available on the Microsoft .Net platform. TRM 3.0 now accepts external technology feeds from multiple technology scanners and delivers a quantitative risk index based on the technical, administrative and physical controls of an IT environment. This new product enables executive management with the ability to objectively understand the state of IT risk and make business decisions based on ROI and acceptable levels of risk specific to business functions.

Business leaders today normally rely on qualitative data and the subjective opinions of staff and consulting security experts rather than using business metrics to make predictive decisions regarding how IT risk impacts organizational risk. Rather than focusing on historical events around threats and vulnerabilities, TRM offers a repeatable and defensible approach to risk management that enables businesses to proactively measure, model and manage resources to protect business-critical assets.

"The ability for senior IT security management to effectively communicate at the executive, financial and board level with a common language simply does not exist. Having the ability to manage IT risk in the same manner we measure and predict financial risk is paramount in this age of shrinking budgets and doing more with less” said KoniKaye Jeschke, Prevari CEO. "Making significant financial decisions based on the state of known vulnerabilities (or the lack thereof) does not allow for modeling and determining how to reduce overall risk in a strategic plan for your IT infrastructure over the course of three or more years," said Jeschke.

"Multiple frameworks and standards such as Sarbanes-Oxley, ISO 17799/BS 7799, DITSCAP/DIACAP and HIPAA (Health Insurance Portability and Accountability Act, 1996) exist. The key missing element is how to translate the state of compliance into actionable quantitative metrics that actually reduce IT risk and overall business risk," said Frank McLallen, Vice President of Marketing and Sales. "With the launch of TRM 3.0, we are offering customers an easy-to-deploy solution that can supplement their risk management toolset and deliver repeatable metrics regardless of whether vulnerabilities exist. Our early adaptor clients are shocked at how easily we bring clarity and visibility to information technology risk management that for too long has been immersed in techno-garble and decisions using the fear factor."

Technology Risk Manager (TRM) 3.0
TRM is a scaleable software application that features the ability to assimilate technical, administrative and physical environments into a common risk index yielding quantitative measurements in the domains of Confidentiality, Integrity, Available, and Audit. This information is then used to understand and mitigate risk from the individual host level up to and including the entire corporate enterprise and any customer-defined business unit or application in between.

About Prevari
Prevari, headquartered in Minneapolis, Minnesota is an innovation leader in providing analytical tools in the IT risk management space. Based on 10 years of security expertise in the security consulting business and significant academic research and development, Prevari has accumulated and produced mathematical models and tools used to solve the most difficult technology challenges in multiple industries including the financial, healthcare, and government industries. www.prevari.com