LiveTiles Upgrades to ISO 27001:2022 with Scrut
Location: New York, USA
Industry: SaaS
The Context
Jan Aries Gomez Operations Manager, LiveTiles
Challenges
Upgrading Compliance Amidst Resource Constraints
LiveTiles needed to transition from the 27001:2022 version amidst internal leadership changes. However, certain challenges impeded their path forward.
Navigating Complexity in the New Standard
The transition to ISO 27001:2022 required comprehensive updates to their existing compliance framework. It involved enhancing policies and procedures to align with
the complex new standard. Understanding these new requirements and mapping
existing documentation to the new requirements were significant challenges.
Overcoming Manual Processes and Visibility Issues
LiveTiles previously relied on labor intensive processes, including spreadsheets for tracking compliance tasks and SharePoint for document management. These methods resulted in unaddressed compliance gaps, fragmented visibility of progress, and extended timelines.
Managing Compliance with Limited Resources
With a lean security team, governing compliance processes across a global workforce was arduous and added more burden on an already strained team. The lack of adequate tools for coordination and automation was a shortcoming in achieving compliance efficiently.
The flexibility of Scrut's team, especially accommodating our global team's schedules, has been incredibly valuable.
The Solution
Scrut not only ensured compliance but also optimized processes. Key features of the Scrut platform that made the efficiency possible include:
Centralized Management
Scrut consolidated compliance documentation and tasks, mapping artifacts to controls and linking risks. LiveTiles tracked control status, developments, pending tasks, and critical risks, replacing cumbersome SharePoint folders for streamlined management.
Real Time Dashboards
Scruts real time dashboards gave LiveTiles continuous compliance tracking, visibility into critical risks, and management of action items, artifacts, and version logs. They also enabled real time reporting to leadership, streamlining the entire risk management process.
Collaborative Platform
The platform allowed infosecurity leaders to notify assignees of pending tasks with one click, replacing manual steps. Bi directional integration with Jira enabled sending tickets with remediation steps and cloud issue metadata, allowing engineers to address issues directly.
Proven ROI with Scrut:
Download the Full Case Study Now
The Impact
Elevated Security Posture
Scruts monitoring ensured proactive identification of issues, while experts mapped ISO 27001:2013 to 2022, performed gap assessments, reused existing documents, and gathered evidence for new criteria, achieving compliance with minimal disruption to LiveTiles operations.
Efficiency in Processes
Scrut s audit portal let auditors submit findings with context, enabling prompt responses and smoother audits. LiveTiles transitioned from spreadsheet based risk assessments to Scruts dynamic register, improving risk visibility and mitigation.
Improved Collaboration
Scruts centralized platform enhanced team collaboration at LiveTiles through tagging, shared reports, and artifact access. Its 24×5 customer support ensured timely assistance for LiveTiles global workforce, accommodating varied work hours across different time zones.