Lazarus Alliance Uses IT Audit Machine GRC Solution to Perform Compliance Audits

Proactive Cyber Security, Audit & Compliance Services from Lazarus Alliance

Lazarus Alliance has found the cascade feature in Continuum GRC's ITAM GRC software solution invaluable when performing multiple compliance audits for major NoSQL database developer client.

Lazarus Alliance, a top-rated cyber security, governance, risk, and compliance (GRC) firm, is using the Continuum GRC IT Audit Machine (ITAM) GRC software solution to perform multiple security audits and compliance services for major NoSQL database developer client.​.

Lazarus Alliance has been retained to perform FedRAMP Moderate, NIST 800-53, DFARS 800-171, AT-101 SOC 2 (Security, Privacy, Availability, Confidentiality, and Integrity), FDA 21 CFR Part 11, and HIPAA NIST 800-66 audits, aid with internal security policy development, and conduct periodic vulnerability assessments and penetration testing.

“Because our major NoSQL database developer client works with both public and private-sector organizations, spanning multiple industries, they are subject to numerous compliance mandates,” noted Michael Peters, CEO of Lazarus Alliance. “Their situation is not unusual in today’s digital marketplace. Many companies are subject to multiple industry and regulatory security compliance standards, and the only way to keep up with it all is to use a GRC automation solution like ITAM.”

The cloud-based ITAM integrates IT governance, policy management, risk management, compliance management, audit management, and incident management. Its user-friendly self-help modules encompass the full spectrum of regulatory and industry data security requirements. When a company is faced with having to comply with multiple standards, as many clients are, ITAM’s Cascade feature allows for all compliance work to be cross-mapped into one effort.

“While all of the compliance standards clients must adhere to are different, there is also quite a bit of crossover, since, in the end, they’re all about securing systems and data,” Peters explained. “ITAM recognizes when different standards have equivalent requirements and cross-maps them, so that the work does not have to be done twice. This saves an extraordinary amount of time, especially when dealing with so many frameworks, all of which are highly complex even on their own.”

Once the audits are complete, our major NoSQL database developer client will use ITAM themselves to maintain compliance year-round, as well as measure, monitor, and manage their security policies and IT governance programs.

“ITAM enables an automated and work flow driven approach to managing, communicating, and implementing IT policies and procedures across the enterprise,” Peters said. “It unifies IT GRC processes and enterprise GRC programs, eliminating silos, standardizing processes, reducing expenses, and improving collaboration, which drives down wasted time and money between audits and makes the next round of audits go even more smoothly.”

Source: Lazarus Alliance

Share: