Latest News

SureCloud Adds Continuous Monitoring Capabilities to Enable Proactive Governance, Risk, and Compliance

SureCloud adds continuous monitoring to its cloud-based SaaS GRC solutions to provide customers with more real-time assurance that their high-rated risks are being managed effectively 

SureCloud, a provider of Gartner-recognized IT governance, risk, and compliance (IT GRC) SaaS solutions, has today announced the addition of continuous monitoring capabilities to its suite of IT GRC solutions. The update comes as regulatory change, rising security risks, and increased scrutiny are driving organizations to require more continuous and real-time assurance that high-rated risks are managed, and that appropriate controls are in place and operating effectively.

Continuous monitoring, sometimes referred to as continuous control monitoring (CCM), automates the collection and analysis of data to check that controls are operating effectively in near real-time. By providing greater transparency into the operations and more timely detection of compliance and risk issues, continuous monitoring enables security and compliance professionals to identify priorities and direct resources to the areas most important to the business. Weak or poorly designed controls can be corrected or replaced, enhancing the organization’s risk posture.

Historically, organizations have relied on manual, periodic assessments to understand the effectiveness of controls. However, manual reviews only capture a single point in time and can be slow and costly to undertake.

Following the addition of continuous monitoring capabilities, SureCloud enables security and compliance professionals to create key control indicators (KCI’s) and define the schedule, frequency, and context, together with multiple thresholds, to automatically identify changes in control effectiveness based on pre-defined business logic. They can also automatically notify everyone involved of any changes so action can be taken before it becomes an issue.

In addition to its continuous monitoring capabilities, SureCloud offers pre-mapped control content, including access to the complete Secure Controls Framework (SCF) catalog, along with automatic updates, for an exhaustive list of industry regulations and standards, including PCI, HIPAA, ISO 27001, 27002, 27017, NIST 800-52, CSF, Privacy Framework, CSA and more.

Alex Brown, VP of Product at SureCloud, said: “Enabling customers to continuously monitor controls complements our existing integration with the SCF. Now, customers can make sure that their controls are up-to-date through the content provided by the SCF, as well as make sure they’re effective through the continuous monitoring of key control indicators.”

SureCloud has serviced the IT GRC market for more than 15 years and offers a range of cyber and risk advisory services, and this enhancement to its platform is just the latest in a string of planned innovations. SureCloud has also been recognized in three of Gartner’s Magic Quadrants and identified as a challenger within the consulting firm’s 2020 IT Risk Management and IT Vendor Risk Management quadrant reports.

Richard Hibbert, CEO of SureCloud, said: “In recent years, the IT GRC industry has realized the importance of moving from point-in-time assessments to continuous monitoring through technology like ours. As managing governance, risk, and compliance becomes increasingly complex, organizations need ways to manage their programs that address this complexity. Our new continuous monitoring capabilities provide always-on visibility of control effectiveness and the ability to take decisive action when that effectiveness changes.”