For the second year in a row, Health Endeavors partnered with Lazarus Alliance for its annual AT-101 SOC 2 reexamination audit, along with vulnerability scanning and penetration testing.
SCOTTSDALE, Ariz., January 3, 2019 (Newswire.com) - Lazarus Alliance, a leading cyber security, governance, risk, and compliance (GRC) firm, has completed its independent SOC 2 reexamination audit of Health Endeavors, a technology development company that offers cloud-based data management solutions to the healthcare industry. Lazarus Alliance performs all audits and appropriate testing of Health Endeavors’ controls for its annual SOC 2 attestations and helps the company maintain its security controls between audits.
The SOC 2, which is part of the American Institute of Certified Public Accountants (AICPA) SOC reporting framework, utilizes the AT-101 professional standard. The SOC 2 was developed so that technology service providers could document that they adhere to comprehensive data security control procedures and practices. SOC 2 audits are voluntary. Companies choose to undergo them to assure their clients that they have implemented specific controls to effectively mitigate operational and compliance risks and provide consistent, reliable, and secure services.
“The successful completion of its SOC 2 reexamination audit proves that Health Endeavors consistently adheres to rigorous standards for security, availability, processing integrity, confidentiality, and privacy,” said Michael Peters, CEO of Lazarus Alliance. “Systems that process and store protected health information are mission-critical to the operations of healthcare facilities. They’re also magnets for hackers. An SOC 2 attestation allows Health Endeavors’ clients to use the company’s products with confidence, knowing that the software is reliable and stable and that it keeps patient data safe.”
Lazarus Alliance also performs periodic penetration testing and vulnerability scanning for Health Endeavors.
“Technology and the cyber threat environment are in constant flux,” Peters explained. “Regular testing and reevaluation of security protocols and controls are necessary for organizations to maintain their security posture.”
Lazarus Alliance utilizes Continuum GRC’s IT Audit Machine (ITAM), a GRC software solution that automates governance, risk, and compliance processes, to perform Health Endeavors’ SOC 2 examinations and assist with assessing vulnerabilities and evaluating security policies and controls.
"Lazarus Alliance uses the IT Audit Machine (ITAM) software from Continuum GRC which enables the SOC 2 examination audit to be automated, easy to understand and gives us transparency to the team. Each year we use ITAM and work with Lazarus Alliance on our security processes, improve substantially and we have a continuous security plan for the next year. ITAM is a great software tool and Lazarus Alliance are the experts we needed to be prepared," says Kris Gates, CEO of Health Endeavors.
“Because SOC 2 examinations must be performed at least annually, if the reporting process isn’t automated, the audits are costly and time-consuming, and they interrupt the organization’s normal operations,” Peters noted. “ITAM significantly speeds up the process, getting our clients from start to compliant quickly, saving them money and getting us out of their way as soon as possible. As part of our SOC 2 audit services, we give our clients continued access to ITAM between audits, which makes it easier for them to maintain security, governance, and compliance year-round.”
Source: Lazarus Alliance