17 years helping Canadian businesses
choose better software
NAVEX IRM (formerly Lockpath)
What Is NAVEX IRM (formerly Lockpath)?
NAVEX IRM (formerly Lockpath) brings visibility to risks frequently managed in disparate sources. It aggregates internal data points from all corners of the organization, as well as from assessments, audits, authoritative sources and external systems. By having everything centralized, correlated and connected, the platform enables organizations to see dependencies and to make smarter business decisions.
Who Uses NAVEX IRM (formerly Lockpath)?
We serve companies looking to automate manual processes, consolidate asset management tools, replace rigid or outdated solutions, or integrate asset management with their enterprise risk programs.
Not sure about NAVEX IRM (formerly Lockpath)?
Compare with a popular alternative
NAVEX IRM (formerly Lockpath)
Reviews of NAVEX IRM (formerly Lockpath)
Keylight is easy to use and easy to configure to suit your needs.
Pros:
Keylight is completely configurable and extremely adaptable. It has powerful yet simple-to-produce reporting capabilities that enable metrics and provide transparency with ease. I can't stress enough how easy the configuration (Admin) capabilities are to learn and to use. And for those times where help is needed, the Lockpath Support and Professional Services teams are first class. Always eager to help and it is evident that customer service is a high priority for the company. Workflows and notifications can be easily built which can provide a centralized location for many use cases, including: Identifying and monitoring risks; Recording regulatory and other requirements, controls associated with those requirements, including assigning ownership and review of those controls, and Audit projects which are tied directly to the controls; Vendor Management, including monitoring compliance and tying to any applicable risks. I guess what I'm trying to say is, the Keylight GRC platform helps take some of the complexity out of GRC. The above are just a few of the many possibilities. Because the tool is so easy to configure, I tell my colleagues to "tell me your dream"-- I'm usually able to get pretty close.
Cons:
Sometimes the tool is less than intuitive. Don't get me wrong-- I still stand by my statement that it is extremely easy to use-- but sometimes the way to do something is not the way you'd imagine. Most times, there is a way to do what you need to do, it's just not always the way you'd expect. Lockpath Support is always an excellent resource to work through these situations.
Robust GRC Management Tool
Comments: Makes managing GRC tasks, exceptions, vendors, etc much MUCH more efficient. We have seen significant time savings by using this software.
Pros:
This is a fully customizable solution to help meet GRC management needs. This has also been expanded into other areas, including assessments, asset reviews, documentation management/reviews, testing management, vendor management, and a host of other things.
Cons:
The online doc is ok, but may need updating. We have also run into reporting limitations, and the software can struggle with graphic reporting if the number of records exceed some preset quantity. The other is very specific; when creating a new field and setting the character parameters, the parameters are permanent for the life of the field. For example, if a text field is set for 100 characters, but a year later, you find a need to allow for 500 characters, the existing field cannot be redefined. A new field needs to be created to allow for the expanded setting. So when you are trying to create a field and be cognizant of the space (i.e. limiting to 100 characters), you are limiting the future-growth of the data this field may manage. The same goes for the tolerances of the numeric fields. Once the parameters (number of spaces before and after a decimal point) are set, there is no changing the field. It must be replaced with a new field, rather than having an effective recalculation process.
Keylight has been a good platform and meets our needs
Comments: A very good third party management software. It has helped us to streamline and organize our 3rd party risk management process
Pros:
Excellent customer service, intuitive and easy to use. layout and menus are well suited for navigation and functionality.
Cons:
On premise solution has some bugs to work out. software could be faster when clicking through and going from page to page.
Excellent GRC platform with phenomenal support.
Comments: Excellent customer support and the ability for me to use the product however our organization sees fit. Often a process or workflow design can become a reality within weeks without having to build out new features or wait for software to catch up.
Pros:
LockPath Keylight is highly customizable and new features and upgrades are released on a very timely schedule. The platform is highly stable and provides great insights to our data across our environments. Custom dashboards and reporting metrics can be configured for different roles as well which helps provide the most important data to a given user. Be it high level CISO dashboards, to implementation based feeds for system administrators, the customization capabilities are there.
Cons:
There is a slight learning curve with this product but this has become incrementally less with every release. I would not say it is complicated by any means, complexity largely results in how vast you've opted to customize your system and integrate connectivity with other platforms through connectors.
Seeking Tool for Risk Management and Workflow (Rm & Cm Applications)
Comments: The experience with Lockpath has been positive including their attentiveness and responsiveness to meet our needs with their tool.
Pros:
Lockpath Keylight is highly configurable and easy to navigate from an administrative perspective with coaching from the Professional Services team. The speed of implementation is primarily based on the tool owner to provide documentation and dedicate time to understanding the system. The user-friendliness of the front end of the tool ultimately falls on the administrator as the system is pretty much a blank slate upon purchase. The Quickstart implementation structured our system’s foundation and the remainder of the configuration was able to be completed either by the Professional Service team or by an internal administrator of the system. The Professional Service and Support teams have been highly responsive to questions and enhancement requests for the system. Professional Service hours have been very useful in working through more advanced requirements and gaining a more robust training to the system.
Cons:
As noted above, the Risk Keylight application is 100% configurable which means there is no direct out-of-the-box workflows or fields. This can be an advantage or disadvantage based on the needs of your company. If your company is able to detail specific requirements, the configuration of basic workflows is quick to implement. The Compliance Keylight application came with a few pre-built workflows and forms which has been helpful to quickly input data and see results in the system.