Lockpath debuts industry’s most advanced IT GRC reporting in Keylight 3.0

Technology innovator continues to lead the market in making effective GRC tools a reality

Published on November 15, 2013

OVERLAND PARK, KANSAS — Lockpath, a provider of innovative governance, risk management and compliance (GRC) applications, today announced the release of version 3.0 of its Keylight™ platform. Keylight 3.0 delivers unmatched reporting capabilities, substantial content integration innovations and advanced assessment abilities.

The redesigned user interface simplifies reporting and allows permitted users to report on all data and quickly generate a variety of charts for stakeholders. With real-time data previews, users can instantly see their report take shape as they drag and drop fields, flatten reports, apply filters and sort criteria leveraging the full-screen work area.

“The reporting advances in Keylight 3.0 give our customers unmatched capabilities for analyzing, understanding and communicating results—whether it’s a specific information security initiative or the most mature GRC program—at every level of their organization,” said Chris Goodwin, co-founder and CTO of Lockpath. “Lockpath continues to deliver powerful features that actually work in real-world environments—alleviating organizations’ pent-up frustration with the ineffective GRC platforms of the past.”

Delivering unparalleled data integration and correlation through Lockpath’s patent-pending Dynamic Content Framework (DCF), a highly scalable and flexible content engine, Keylight 3.0 gives users the ability to create custom tables and fields in the Keylight Vendor Manager application via the DCF. New to this release, users can also use formulas inside record fields to automatically calculate risk levels from aggregated data. They can also issue assessments to quickly identify risk items for remediation against particular assets. Further streamlining GRC efforts, users can apply pre-defined filters and sorting criteria to lookup fields, insert direct hyperlinks into documents to create new records and auto-provision new users while creating a record.

“IT GRC is a market in transition,” notes Gartner Research Senior Analyst Paul Proctor in the 2012 GRC Hype Cycle. “IT GRC can improve an organization’s ability to analyze IT risk, add business context to security assessments, support internal and external audits, and reduce compliance-reporting costs. Organizations can reduce compliance-reporting costs by applying IT GRC automation to the management of written policy content, the assessment of process-oriented controls and the audit of technical configuration settings….Organizations also may take advantage of the benefits of control transparency to move toward the ideal of using better risk management to affect corporate performance.”

Assessment capabilities have also been significantly enhanced. Users can now:

  • Easily generate findings to speed investigations and remediation – Keylight automatically creates hyperlinked records based on assessment responses
  • Efficiently construct dynamic policies linked to controls – Vendor policies can be created on the fly based on their individual responses to assessment questions
  • Quickly access pertinent assessments – Users are now notified of any pending assessments at login and a “My Assessments” tab with links to each individual assessment simplifies navigation
  • Better evaluate assessments – Scores can be immediately displayed for users and color-coded scoring labels can be added for reporting
  • Match the structure of PCI DSS 2.0 and DIACAP 8500.2 assessments to the order prescribed by the Unified Compliance Framework (UCF)

Additional Keylight 3.0 advancements include:

  • Workflow auto-transition and use assignment functionality to drive record assignment efficiency
  • Compliance Manager direct image and control insertion, and dynamic policy statement generation
  • Security Manager vulnerability scan summary exporting and McAfee Vulnerability Manager ODBC connector

“Thanks to our team of experienced technologists, we set the standard for innovation in the GRC industry,” concluded Chris Caldwell, co-founder and CEO of Lockpath. “Keylight 3.0 continues our tradition of delivering industry firsts to ensure GRC technology keeps pace with our customers’ changing business and IT demands.”

Keylight 3.0 is available immediately. To schedule a demo, visit lockpath.com or call 913-601-4800.


Lockpath is a market leader in corporate governance, risk management, regulatory compliance (GRC) and information security (InfoSec) software. The company’s flexible, scalable and fully integrated suite of applications is used by organizations to automate business processes, reduce enterprise risk and demonstrate regulatory compliance to achieve audit-ready status. LockPath serves a client base of global organizations ranging from small and midsize companies to Fortune 10 enterprises in more than 15 industries. The company is headquartered in Overland Park, Kansas.


Lockpath Media Contact
Emily Podhajsky

More Press Releases: