NetVision has heard from its customers loud and clear that the holy grail of compliance reporting is enabling actual answers rather than just piles of data. In this SC Magazine article, titled Answers, Not Data: The Key to Access Security, NetVision CEO David Rowe explains how next generation compliance solutions will be focused on answers and continuous audit rather than periodic audits that generate confusing or obfuscated data sets.
In this article from CFO magazine, the author discusses the value of Continuous Audit. He tells the story of Harrah’s Entertainment and their 24×7 approach to audit. One interesting quote:
Increasingly, though, individual practitioners see the cutting edge as auditing 100% of data relating to transactions, processes, policies, or whatever else is to be audited, rather than reviewing small samplings at longer intervals, as many organizations still do
You might be thinking easier said than done. But getting back to the original point, with Continuous Audit, 100% sample is actually easily accomplished because every relevant event can be parsed through a policy filter and flagged when appropriate.
NetVision has recognized the value of Continuous Audit for more than a decade. We believe there are two sides to an effective audit program – (1) current state assessment and (2) real-time monitoring. And we hear from our customers that (like Harrah’s) they see real value in including real-time monitoring. Putting Continuous Audit in place makes compliance audits move quicker and cost less. …not to mention the obvious benefits to security.