SaaS provider Health Endeavors has partnered with cyber security and GRC firm Lazarus Alliance for an AT 101 SOC 2 audit, policy development, vulnerability scanning, and penetration testing.
SCOTTSDALE, Ariz., October 24, 2017 (Newswire.com) - Lazarus Alliance, a leading cyber security, governance, risk, and compliance (GRC) firm, today announces its partnership with Health Endeavors, a technology development company based in Scottsdale, Arizona, that offers cloud-based data management solutions featuring patient health integrated tools (PHIT) and healthcare admin tools (HAT). Lazarus Alliance will perform an independent AT 101 Service Organization Control 2 (SOC 2) audit and also provide services related to security policy development, vulnerability scanning, and penetration testing.
The SOC 2 is part of the American Institute of Certified Public Accountants (AICPA) SOC reporting framework and utilizes the AT-101 professional standard. The SOC 2 was developed so that technology service providers, including SaaS developers such as Health Endeavors, could attest to their adherence to comprehensive data security control procedures and practices. Companies undergo SOC 2 audits to assure their clients that their organizations have implemented specific controls to effectively mitigate operational and compliance risks.
“With so many IT services being outsourced, third-party vendors are handling an extraordinary amount of sensitive data, and breaches at those vendors have become an even bigger problem than in-house cyber attacks,” said Michael Peters, CEO of Lazarus Alliance. “By releasing an SOC 2 attestation, Health Endeavors is demonstrating to its clients that it adheres to the SOC 2’s rigorous standards for security, availability, and confidentiality, and they can feel safe when using the company’s software to process protected health information.”ITAM GRC software takes the guesswork out of IT audits and empowers organizations to take control of their entire cyber ecosystem.
Additionally, Lazarus Alliance is helping Health Endeavors develop data security policies and is performing penetration testing and vulnerability scanning to ensure proactive cyber security moving forward.
“Policy development is the first fundamental of the Security Trifecta for governance, technology and vigilance. It is also part of the SOC 2 process; attesting service organizations must establish specific information security policies and procedures and document them in writing,” Peters explained. “This eliminates confusion and keeps everyone in the organization on the same page.”
Lazarus Alliance is utilizing Continuum GRC’s IT Audit Machine (ITAM), a RegTech software solution that automates governance, risk, and compliance processes, to perform Health Endeavors’ SOC 2 audit and assist with assessing vulnerabilities and developing security policies.
“Our clients love ITAM because it has easy-to-use modules that walk users through the IT audit process, take the pain out of it, and saves everyone an incredible amount of time,” Peters explained. “It’s also a complete GRC solution that integrates IT governance, policy management, risk management, compliance management, audit management, and incident management so that organizations can discover exactly where their vulnerabilities are and can mitigate them before a breach happens. ITAM takes the guesswork out of IT audits and empowers organizations to take control of their entire cyber ecosystem.”
Source: Lazarus Alliance