IBM Security Active Governance Services + Xacta

Automating and centralizing ITRM operations across the enterprise

The rising costs of compliance and its challenges are real.

Too many global and local compliance requirements

No single source of truth, and too many disparate programs and tools

An increasingly complex hybrid enterprise

Too many controls to test and report on, as well as audit fatigue

Visibility to assure leadership risks are being mitigated

What is IBM Security AGS?

IBM Security Active Governance Services (AGS) operationalizes cybersecurity compliance and regulatory risks across the enterprise and provides:

  • Proactive governance services that are tailored to provide assurance to CISOs, regulators, and auditors
  • Risk reduction strategies that are scalable, monitored and managed to resolution
  • Assurance that security and compliance programs are effectively protecting critical data with central management and reporting
  • Address both the manual and automated aspects of compliance across cloud, on prem and hybrid environments with Xacta from Telos.

AGS is the key to time- and cost-saving compliance…

AGS is the key to time- and cost-saving compliance, made possible through the power of automation. Donut diagram showing IBM Security AGS benefits: Ongoing compliance controls monitoring, Optimize operations, Improved efficiencies, Data integration, Efficient compliance, and Risk reduction.

… made possible through the power of automation

XACTA automates the most time-consuming compliance activities.

AGS Packages

Small $
Up to 5 projects and 2,500 assets*

Medium $$
Up to 10 projects and 5,000 assets*

Large $$$
Up to 25 projects and 12,500 assets*

1 Week

Compliance workshop

  • A workshop to understand the goals, pains, and impacts related to cyber risk management
  • Co-create the future of cyber risk management
  • Prioritize the components of the future created

2 Weeks

Design solution

  • Project definition, prioritization, and deployment plans established
  • Designs an automated solution that aligns to the workshop results based on industry standards and customer requirements

8 – 16 Weeks

Build and configure

  • Securely configure the platform per the project plan and solution design requirements
  • Collect compliance data from customer tools and ingest into the platform for analysis


Steady state services

  • C-level governance and advisory cadence
  • Risk reduction strategies established
  • Oversight of remediation management activities
  • Audit support
  • Platform support

AGS automates the most time-consuming aspects of cybersecurity compliance, risk and audit activities such as control selection, validation, reporting, auditing and monitoring across the enterprise.

AGS Packages include:

  • Design Thinking workshop
  • Telos Xacta software annual license fees for 3 years
  • SaaS hosting on AWS
  • Initial setup of platform
  • Ongoing security services for 3 years of platform and advisory services

*A project is an accreditation or assessment boundary (e.g. geographic location, department / organizational function, system/workload function, etc.)

*An asset includes any hardware, equipment, software or operating system defined within the project

Contact us to learn more about IBM AGS and Xacta