Continuum GRC Uses Blockchain to Enhance IT Audit Machine (ITAM) GRC Solution

IT Audit Machine (ITAM) GRC SaaS solution powered by blockchain

The IT Audit Machine (ITAM), a top-ranked GRC SaaS solution, is now one of very few GRC solutions that utilize blockchain.

Continuum GRC, a leading cyber security governance, risk, and compliance (GRC) firm, today announced that it has added blockchain to its proprietary IT Audit Machine (ITAM), a top-ranked GRC solution.

“Because technology, the cyber threat environment, and compliance mandates are in constant flux, we are always looking for ways to make use of the newest technologies to enhance ITAM,” said Michael Peters, CEO of Continuum GRC. “Blockchain is the future of cyber security and compliance, and it was a natural fit for ITAM.”

Once recorded, blockchain records, called blocks, are immutable; they cannot be deleted. Changing the data on a single block requires verifying the changes with the rest of the chain, and every change made to a block is appended with a digital signature and timestamp. This makes blockchain secure by design; hacking one entry would require hacking every single transaction that precedes or follows it, and it cannot be done anonymously. From a compliance perspective, this equates to a verified chain-of-trust and proof-of-process, not only for customer records but documentation of specific business processes.

“Evidence is the foundation for audit, compliance and assessments,” Peters noted. “When users upload evidence into ITAM, and output reports and documentation are generated, the system utilizes blockchain to enhance proof, increasing the quality and reliability of everything that ITAM does with evidence.”

ITAM utilizes user-friendly self-help modules to provide enterprises with a complete solution for IT governance, policy management, risk management, compliance management, audit management, and incident management. It supports the full spectrum of regulatory and industry data security requirements, including NIST 800-53 and 800-171, FedRAMP, SSAE 18, COBIT, ISO 27001, 27002, and 27005, SOX, FFIEC, PCI, GLBA, HIPAA, CMS, NERC CIP, DFARS, and other federal and state mandates.

Peters reported that ITAM speeds up GRC assessments and reporting processes by an average of 180% as compared to traditional audit processes. Now that the software utilizes blockchain for evidence, he noted, it could save organizations and auditors even more time by reducing the need for data reconciliation on the back end.

“With the addition of blockchain, ITAM now provides an evidence chain of custody record that is immutable,” Peters added. “Auditors and regulators can be assured of the integrity of ITAM’s audit trails.”

Source: Continuum GRC