Carpathia offers continuous compliance monitoring tool

Carpathia offers continuous compliance monitoring tool

Carpathia, a provider of hybrid cloud services and managed hosting for government, said it would begin offering a tool enabling agencies to perform ongoing compliance assessment against any defined standard.

The company’s Continuous Assurance Platform (CAP) automates the continuous collection and analysis of controls and compliance artifacts, ensuring against a potential failed audit or fines, the company said.

"In the age of continuous monitoring, enterprises can't afford to wait until an audit takes place to know if they are compliant with key standards, particularly in industries like government and health care that manage highly sensitive information," said Jon Greaves, chief information security officer at Carpathia.

"CAP offers continuous compliance visibility – an industry first – while simplifying the information gathering process for both internal teams and auditors, saving time and money for everyone involved,” he added.

CAP is based on a proprietary rules engine that generates a score that measures adherence to any defined compliance standard at any point in time, the company said. This helps compliance and security officers evaluate their organization’s past, current and future compliance status against both static and evolving requirements.

Carpathia maintains key government and health care industry standards within the platform, including the Federal Risk and Authorization Management Program (FedRAMP) and the Health Insurance Portability and Accountability Act (HIPAA) standards.

The compliance information is stored within an “evidence locker,” a CAP tool that guarantees artifacts are digitally signed and cannot be modified or deleted, “ensuring an indelible audit trail,” said the company.

For auditors, CAP cuts the length of most auditing from days to hours, the company added, replacing spreadsheet or paper-based checklists with customizable reports and real-time data queries.

About the Author

Connect with the GCN staff on Twitter @GCNtech.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected