Carpathia offers continuous compliance monitoring tool
Carpathia, a provider of hybrid cloud services and managed hosting for government, said it would begin offering a tool enabling agencies to perform ongoing compliance assessment against any defined standard.
The company’s Continuous Assurance Platform (CAP) automates the continuous collection and analysis of controls and compliance artifacts, ensuring against a potential failed audit or fines, the company said.
"In the age of continuous monitoring, enterprises can't afford to wait until an audit takes place to know if they are compliant with key standards, particularly in industries like government and health care that manage highly sensitive information," said Jon Greaves, chief information security officer at Carpathia.
"CAP offers continuous compliance visibility – an industry first – while simplifying the information gathering process for both internal teams and auditors, saving time and money for everyone involved,” he added.
CAP is based on a proprietary rules engine that generates a score that measures adherence to any defined compliance standard at any point in time, the company said. This helps compliance and security officers evaluate their organization’s past, current and future compliance status against both static and evolving requirements.
Carpathia maintains key government and health care industry standards within the platform, including the Federal Risk and Authorization Management Program (FedRAMP) and the Health Insurance Portability and Accountability Act (HIPAA) standards.
The compliance information is stored within an “evidence locker,” a CAP tool that guarantees artifacts are digitally signed and cannot be modified or deleted, “ensuring an indelible audit trail,” said the company.
For auditors, CAP cuts the length of most auditing from days to hours, the company added, replacing spreadsheet or paper-based checklists with customizable reports and real-time data queries.
Connect with the GCN staff on Twitter @GCNtech.