Challenge:
Manual Labor Intensity: To keep growing and innovating its mature security and GRC practices, Sourcegraph needed to automate internal processes and the time-intensive manual labor involved in an audit by a reputable firm.
“I had very high demands for what I wanted out of the solution, and I tested many well-known industry tools before I chose Anecdotes. The Anecdotes team impressed me with their innovative approach,” Dora Neumeier, Compliance Lead, Sourcegraph
Solution:
- Custom Framework: The flexibility of the Anecdotes platform made it easy for Geels Norton, Sourcegraph’s auditor, to build a framework tailored to the specific requirements Sourcegraph would need for the audit.
- Automated Evidence Mapping: Evidence was automatically collected and mapped to the relevant controls in its custom framework, substantially reducing the manual labor and time Sourcegraph spent preparing for the audit.
- Continuous Compliance: By setting up rules that automatically detect gaps based on its internal processes, Sourcegraph’s Compliance team has visibility into its posture and has achieved continuous compliance.
“We appreciate the clarity when it comes to data in Anecdotes. There is increased transparency as to how the data was collected, making the entire audit process quicker and better,” Nick continued. “Anecdotes, and specifically the auditor portal, made Sourcegraph’s audit process faster and more efficient, and the entire experience much smoother.” Nick Norton, Cofounder and Chief Visionary at Geels Norton.
Results:
- Data Analysis and Gap Detection: The flexibility to analyze the data, query it, and detect gaps automatically on an ongoing basis lets Sourcegraph detect and address any issue in real time, so it arrives at the audit well prepared.
- Collaboration with Auditor: Sourcegraph and Geels Norton were able to conduct the audit within the Anecdotes Compliance OS and methodically review all the evidence and controls, making the entire audit process more efficient.
- Time Savings: The automated evidence collection saved Sourcegraph a lot of time preparing for the audit. Conducting the audit within the platform meant much less back-and-forth, making for a much more focused and efficient audit process.