ComplySci Proactively Shares

CyberGRX Helps ComplySci Reduce Time Spent on Assessments with Proactive Sharing

Proactive Sharing Saves Time

As an organization that is dedicated to protecting its customers' information, ComplySci takes data protection seriously. So, when one of their customers ordered a CyberGRX assessment on them, it was no surprise that their final assessment data reflected their due diligence and dedicated security posture. That CyberGRX assessment has continued to pay dividends to ComplySci, as they share it with their other partners, proactively cutting down on their assessment requests.

About ComplySci

ComplySci is a leading provider of technology solutions that help compliance organizations identify, monitor, manage and report on conflicts of interest arising from employee activities, including personal trading, gifts and entertainment, political contributions, outside business affiliations, and other code of ethics violations. Founded in 2003 by early pioneers in the development of automated compliance management solutions, ComplySci is now trusted by over 1,000 customers, including some of the world’s largest financial institutions. Compliance Officers rely on ComplySci’s scalable and sophisticated platform to stay ahead of risk.

“CyberGRX will help us save 200 hours or more traditionally spent on filling in assessments.”

Challenges

Like many other technology vendors, ComplySci is no stranger to the strain the overwhelming disparate assessment requests can put on an organization's resources. ComplySci is assessed over a hundred times a year, and that number only appears to be increasing. Given the nature of their offering, they are absolutely dedicated to safeguarding their customers' data, so finding a way to cut down the time they spent on assessments so they could proactively manage their security was not just a challenge for them, but a goal.

CyberGRX helps ComplySci cut down the time they spend filling out assessments by 30%, enabling them to focus on proactively managing their security and safeguarding customers’ data.

How CyberGRX Helped

During the summer of 2017, one of ComplySci’s customers requested a tier 1 CyberGRX assessment on ComplySci. Tier 1 assessments are the most comprehensive CyberGRX offers, with an onsite or remote validation option. The assessment and validation were completed within a few weeks, and the final assessment data has become a valuable, force-multiplier tool for ComplySci.

Once a tier 1 assessment is complete, it automatically populates CyberGRX tier 2 and tier 3 assessments. These assessments are still comprehensive but come with different levels of validation. Since completing the tier 1, ComplySci has begun proactively sharing their tier 3 assessment with their other customers and partners.

During their first proactive share, their upstream business partner declared the CyberGRX tier 3 was the most comprehensive assessment they’ve received and agreed to use that report in place of their own due diligence reports.

ComplySci’s upstream partner declared the CyberGRX tier 3 was the most comprehensive assessment they’ve received and agreed to use it in place of their own.

Results

As ComplySci continues to proactively share their CyberGRX assessment with their customers, they continue to cut down the amount of additional due diligence reports. Since completing their tier 1 report and sharing it with the initial ordering customer, they have also shared it with 10 of their other upstream partners.

That’s 10 fewer assessments they will have to do this year. Over the course of the next year, ComplySci believes they will be able to reduce the amount of time they spend on filling in assessments by 30% and spend more time on proactive security management. In addition, ComplySci plans to order CyberGRX assessments on some of their own vendors.

"The CyberGRX assessment process was comprehensive, yet seamless. The standardized assessment and their global risk information Exchange will help us save 200 hours or more traditionally spent on filling in assessments, so we can apply that time on proactively managing our security for our clients."

 

- George McKevitt PhD, ComplySci CTO