BrickRed developed a complete IT Risk & Compliance management product for a US Client that specializes in delivering regulatory compliance in this field. It was a case of completely outsourced product development where the Client was able to redeploy expensive internal resources in Client-facing engagements, apart from being able to significantly reduce the time-to-market and the product development costs. The product has been very well received by end-users and today more than 300,000 users have deployed the product that seems to accelerate time to compliance, protect information assets and mission-critical systems.

About the Client
The Client is a US corporation that specializes in delivering regulatory compliance for information and risk management for organizations worldwide. Employing a full lifecycle policy, standards and IT control management software platform, the Client helps organizations achieve and sustain compliance. Today more than 300,000 users have successfully deployed the Client's products that seek to accelerate time to compliance, protect information assets and mission-critical systems, lower costs, and optimize IT controls.

The Business Need
The Client wanted to enhance its benchmark product for IT Risk and Compliance Management. The web-based policy management system was intended to enable companies to reduce the cost and complexity of compliance along with the cost of audits across global and heterogeneous environments.

It was felt that since organizational, commercial and regulatory compliance requirements were growing and changing frequently it was difficult to maintain a successful program with the existing application. The Client wanted the application to be robust enough to address these new requirements.

Additionally, they also wanted the application to comply with norms such as GLBA, PCI, FFIEC, SOX and HIPAA. Being an experienced player in the domain, the Client wanted a dependable partner to enhance its benchmark product. The CTO employed his team to scout several outsourced product development companies in India before finally settling for BrickRed.

The Solution
BrickRed revamped the existing product, developing the database from scratch to adhere to the newer requirements of the product as also to make it more robust. The data layer and the business layer of the application were converted. The development was painstaking since the product architecture was complex, with the GUI in itself having 8-9 layers. The latest technology within the .NET framework, such as lazy loading, was employed for developing the product. BrickRed also was responsible for creating the entire installer and the import utilities.

The Benefits
The revamped product was welcomed by end-users. The product not only met the requirements of auditors and regulators through regularly updated procedures, controls and validated policies, but also enabled the reduction of the pain of regulatory compliance by reducing audit preparation time and the compliance program costs. It ensured that the procedures and controls are customized to specific organizational needs.

By setting up an ODC at BrickRed, the Client was able to significantly reduce the time-to-market while cutting the development costs by more than 50%. At the same time, it was able to re-deploy its experienced internal resources into Client-facing engagements and thus doing away with the potentially huge opportunity cost as well.