Swimlane & Anecdotes

How Swimlane Enhanced Tracking and Visibility of Their Compliance Program
Download as pdf

Having a tool that tracks all controls from a framework level and also a control level lets me easily identify where our strengths and weaknesses are in our entire posture

Jack Rumsey, Head of GRC at Swimlane

Challenge:

  • Difficulty Tracking Requirements: Struggling to effectively track requirements across audited frameworks including SOC 2, ISO, FedRamp (Moderate), NIST CSF, GDPR, and HIPAA.
  • Control Testing and Monitoring: Inability to adequately test controls for monitoring and reporting customer audit requirements, particularly for SOC 2 compliance.
  • API Integration for Reporting: Needing a robust API to seamlessly push data to Swimlane’s system for comprehensive reporting purposes.

Solution:

  • Utilization of Frameworks and Analysis Tools: Leveraging Anecdotes’ frameworks alongside evidence scoping, analysis rules, and cross-evidence analysis to enhance GRC management.
  • Custom Frameworks for Tailored Management: Implementing custom frameworks to address specific customer audit requirements and internal control testing needs, ensuring comprehensive GRC management.
  • Integration with Swimlane’s System: Leveraging Anecdotes API to seamlessly integrate and push data to Swimlane’s proprietary system, facilitating efficient reporting and analysis.

Results:

  • Improved Risk Assessment Process: Anecdotes Risk Management App provides a centralized source of truth for risk assessment, streamlining the process by incorporating mitigating controls and generating actionable outcomes efficiently.
  • Enhanced Compliance Tracking: Anecdotes' plugin suite enable thorough tracking of compliance key fields across systems, reducing reliance on invasive access permissions and empowering the GRC team.
  • Comprehensive Compliance Visibility: Anecdotes ability to track controls at both framework and control levels facilitates easy sharing of compliance status and identification of strengths and weaknesses in the organization's overall posture.

Client Bio

NYSE Ticker:
NA
Industry:
Technology
Employees:
300
HQ:
Louisville, CO

Swimlane is the leader in AI-enabled security automation, unifying security operations into a single system of record.