Lazarus Alliance Uses IT Audit Machine GRC Solution to Perform Compliance Audits

Lazarus Alliance has found the cascade feature in Continuum GRC's ITAM GRC software solution invaluable when performing multiple compliance audits for major NoSQL database developer client.
Proactive Cyber Security, Audit & Compliance Services from Lazarus Alliance

​​​​Lazarus Alliance, a top-rated cyber security, governance, risk, and compliance (GRC) firm, is using the Continuum GRC IT Audit Machine (ITAM) GRC software solution to perform multiple security audits and compliance services for major NoSQL database developer client.​.

Lazarus Alliance has been retained to perform FedRAMP Moderate, NIST 800-53, DFARS 800-171, AT-101 SOC 2 (Security, Privacy, Availability, Confidentiality, and Integrity), FDA 21 CFR Part 11, and HIPAA NIST 800-66 audits, aid with internal security policy development, and conduct periodic vulnerability assessments and penetration testing.

“Because our major NoSQL database developer client works with both public and private-sector organizations, spanning multiple industries, they are subject to numerous compliance mandates,” noted Michael Peters, CEO of Lazarus Alliance. “Their situation is not unusual in today’s digital marketplace. Many companies are subject to multiple industry and regulatory security compliance standards, and the only way to keep up with it all is to use a GRC automation solution like ITAM.”

The cloud-based ITAM integrates IT governance, policy management, risk management, compliance management, audit management, and incident management. Its user-friendly self-help modules encompass the full spectrum of regulatory and industry data security requirements. When a company is faced with having to comply with multiple standards, as many clients are, ITAM’s Cascade feature allows for all compliance work to be cross-mapped into one effort.

“While all of the compliance standards clients must adhere to are different, there is also quite a bit of crossover, since, in the end, they’re all about securing systems and data,” Peters explained. “ITAM recognizes when different standards have equivalent requirements and cross-maps them, so that the work does not have to be done twice. This saves an extraordinary amount of time, especially when dealing with so many frameworks, all of which are highly complex even on their own.”

Once the audits are complete, our major NoSQL database developer client will use ITAM themselves to maintain compliance year-round, as well as measure, monitor, and manage their security policies and IT governance programs.

“ITAM enables an automated and work flow driven approach to managing, communicating, and implementing IT policies and procedures across the enterprise,” Peters said. “It unifies IT GRC processes and enterprise GRC programs, eliminating silos, standardizing processes, reducing expenses, and improving collaboration, which drives down wasted time and money between audits and makes the next round of audits go even more smoothly.”

Source: Lazarus Alliance

Share:


Tags: cloud compliance, compliance, cyber security, data security, federal contractors, government, grc, information security, itam, risk management


Related Video

About Lazarus Alliance

View Website or Media Room

Lazarus Alliance's primary purpose is to help organizations attain, maintain, and demonstrate compliance and information security excellence, in any jurisdiction through security, audit, compliance, risk, privacy, policies and cyberspace law.

Michael Peters
CEO, Lazarus Alliance
Lazarus Alliance
27743 N. 70th Street (Suite 100)
Scottsdale, AZ 85266
United States