Strategic Thought

Risk Management
Interested?

If you would like to find out more information about any of our products or contact us to discuss how we can help you, then please click here.

Alternatively contact us on telephone number +44 (0) 208 410 4000 (EU) or +1 (703) 673 9580 (US).

Search our site

Search

News
  • 2nd Half ARM Wins! ()

    STG announces 14 new contracts in both the US & the EU in the second half of YE2008, including USAF.   more

  • New Practice Head Appointed ()

    STG appoints a head of the new Banking Payments Practice.   more

  • Forrester Enterprise GRC Report ()

      more

  • New President for Strategic Thought Inc ()

    STG announces that Chuck Hixson has joined as the new president of Strategic Thought Inc.   more

ARM >

 Technical Strategy


From its inception, Active Risk Manager (ARM) was designed as a web-based solution to meet the needs for enterprise-wide deployment of risk management. Our expertise in Service Oriented Architecture and Portal technology has enabled us to continue to develop and improve ARM using the most up-to-date design requirements of an application operating in an enterprise environment.

ARM has been tested to 10,000 users on  a single application server. It also has the required integrations to system software such as LDAP servers to enable single sign on and secure authentication, operates across SSL and the more recent TLS encryption protocols to ensure security of transmitted data, and every release we deliver is tested to confirm continuing adherence to these principles.

In terms of the product strategy, the principles we seek to meet are:

  • A technology footprint that is non-intrusive on customer IT strategies (to aid in enterprise- wide role out and push back from IT)
  • A technical platform that supports all aspects of GRC, regardless of having disparate user requirements across the organization, and different views of compliance and risk.
  • An application that has the scaleability to meet an enterprise deployment model (30,000 users) together with the configurability to support different sub-processes within the same deployment.
  • A platform that can be offered as a "Software as a Service" model as well as an in-house deployment.
  • A portal and integration strategy that enables the compliance and risk processes to be embedded within other key management processes across the business.
  • A portal strategy that enables the underlying GRC functionality to be delivered in different ways to different user communities within the same deployment model offering the ability to develop purpose-built intranet sites as gateways to the GRC platform.
  • The ability to leverage off the significant investment that Microsoft is making in underlying systems software platforms, for example reporting, electronic questionnaires, electronic forms, portal, document management, work flow, digital dash-boarding, business intelligence and message based integration. In this way we can bring enhanced collaboration and process management to our customers quickly, in a totally integrated manner within the Active Risk Manager application.

ARM Component Architecture

The logical application model required to support an enterprise GRC model is component-based many, In Active Risk Manager, this component architecture is made up as shown in the diagram on the left.

Through this architecture we are also able to support integration to non-Microsoft platforms through both the web service API and the BizTalk integration server. In this way we have integrated to Java based corporate portal solutions, received data from legacy risk management solutions and integrated into sister application products such as SAP and Microsoft Project Server.

This technology strategy is part of the wider Closed-Loop Risk Management product strategy.