Lazarus Alliance Uses IT Audit Machine GRC Solution to Perform DFARS NIST 800-171 Audits More Efficiently

Lazarus Alliance is using Continuum GRC’s ITAM GRC software solution to simplify and speed up the DFARS compliance process for organizations scrambling to meet the end-of-year deadline.

Press Release updated: Oct 24, 2017 06:14 MST

​Lazarus Alliance, a leading cyber security governance, risk, and compliance (GRC) firm, is utilizing Continuum GRC’s IT Audit Machine (ITAM) GRC to perform DFARS NIST 800-71 audits for its clients.

U.S. Department of Defense contractors have until December 31, 2017, to achieve DFARS compliance.

“There’s no reason to believe that the DoD intends to extend this deadline,” noted Michael Peters, CEO of Lazarus Alliance. “Over the summer, the DoD held an Information Industry Day emphasizing the importance of DFARS compliance and reminding attendees that time was running out.”

DFARS compliance is complicated and time-consuming, and time is something our DFARS clients do not have right now.

Michael Peters, CEO, Lazarus Alliance

While DoD contractors are already accustomed to adhering to comprehensive security controls for classified systems, DFARS mandates that security controls also cover “Unclassified Controlled Technical Information (UCTI),” a broad term referring to unclassified data. Therefore, many organizations are having to expand their controls to cover additional systems.

“DFARS compliance is complicated and time-consuming, and time is something our DFARS clients do not have right now,” Peters explained. “By using ITAM GRC software to perform DFARS audits, we’re able to remove a lot of complexity from the process and save our clients time and money.”

The cloud-based ITAM GRC software integrates IT governance, policy management, risk management, compliance management, audit management, and incident management. Its user-friendly self-help modules encompass the full spectrum of regulatory and industry data security requirements, including DFARS NIST 800-171. Peters states that, on average, ITAM speeds up GRC assessments and reporting processes by 180% over traditional audit processes.

“Some organizations still use Microsoft Excel to perform IT compliance audits,” Peters noted. “Now that software like ITAM is available to automate the compliance process, that’s like using an abacus to keep your books. When facing compliance with a standard as complicated as DFARS, and running out of time to do it, you can’t mess around with spreadsheets.”

In addition to keeping them qualified to perform work for the DoD, DFARS compliance offers inherent strategic value for service providers. Other public and private-sector organizations know how rigorous DFARS compliance standards are, and they recognize that service providers who comply with DFARS are serious about data security, not just in-house but also on the part of their third-party vendors. DFARS compliance also demonstrates due diligence in the event of legal action or questions of business insurability.

“The majority of data breaches are now being traced back to third-party vendors,” Peters said. “DFARS is the DoD’s way of addressing this problem, and in the end, it’s going to be a good thing for everyone.”

Source: Lazarus Alliance

Powered by WPeMatico

You might like

About the Author: Carrie Brunner

Carrie Brunner grew up in a small town in northern New Brunswick. She studied chemistry in college, graduated, and married her husband one month later. They were then blessed with two baby boys within the first four years of marriage. Having babies gave their family a desire to return to the old paths – to nourish their family with traditional, homegrown foods; rid their home of toxic chemicals and petroleum products; and give their boys a chance to know a simple, sustainable way of life. They are currently building a homestead from scratch on two little acres in central Texas. There’s a lot to be done to become somewhat self-sufficient, but they are debt-free and get to spend their days living this simple, good life together with their five young children. Carrie writes mostly on provincial stories.
%d bloggers like this: