The company struggled with using manual processes when conducting internal audits and assessing vendors. Lockpath offered them the ability to centralize and link the data collected for managing compliance and audit investigations. It worked so well that the company uses Lockpath to maintain ISO 27001 certification and to comply with SOC II.
Challenge: Risk Management Processes Falter as a Successful Company Grows
Risk is the responsibility of everyone, and every process, within the organization. If you provide goods and services to your customers, you’re responsible for appropriately handing their information – and that introduces risk.
Such was the case for a Portland, Oregon-based software company, which builds a popular enterprise communication solution for employee collaboration. When the company was small, responding to customer audit requests meant looking through old emails and updating spreadsheets. But success and growth in new markets introduced regulatory requirements from new industries, such as healthcare and finance; geographic data privacy laws; and various requirements for third party vendor relationships. Spreadsheets couldn’t handle the job. The one-person information security team was overwhelmed.
This software company knew they had to find a more efficient way to respond to audit requests, and a more effective way to document their risk management efforts in a way that satisfied numerous regulatory and customer requirements.
Download the case study to learn more.
About NAVEX Global, Inc.
NAVEX Global is the worldwide leader in integrated risk and compliance management software and services. Our solutions help organizations manage risk, address complex regulatory requirements and foster an ethical, productive workplace culture.