Save Time and Steps with Ignyte’s Control Inheritance Automation


If you are managing multiple GRC frameworks for multiple environments, then you know how powerful it is to have clearly-defined and repeatable work processes to enable teams to work together efficiently.

To enable efficiency within the organization, Ignyte has launched common control provider capabilities within the platform for 100+ customers. Customers will now be able to save 1000’s of man hours by not having to recreate documentation, processes and organizational controls that are already captured and approved by siloed business units or operations within the Ignyte platform.

We are excited about the addition of Control Inheritance Automation in the platform. Let’s dive in.

Why Control Inheritance Automation?

All organizations face heavy overlap of repeatable and often redundant sets of practices, controls and documentation. These capabilities are often separated into shared services, common practices, entity level controls or simply a set of reusable practices. This is especially true within the cyber security industry for GRC professionals. GRC professionals struggle with enabling reusability within their operations.  Control inheritance is a small step towards solving this major issue within the GRC industry.  

NIST officially calls this capability a “Common Control Provider” (CCP). A CCP is a type of sub-organization or an individual that manages the lifecycle of enterprise or shared controls, documentation and practices for their organization. An organization can have many CCPs based on the size and maturity of their team. A CCP can also be working in tandem with cloud providers or the IT organization where most of the technical components are managed. Regardless of where and how the CCP pattern is applied, the key is to leverage a set of reusable practices within your organization. Within our platform, the CCP is a compliance system and designated controls acting as the parent that other systems can link to and inherit controls from.  

Benefits of Using Control Inheritance Automation

If you have multiple products within your business with different compliance requirements, Ignyte Inheritance will allow you to manage each of them separately while still taking advantage of any completed, overlapping work.

Your security team will be able to fine tune Ignyte to manage your security postures, frameworks, audits, policies, attestations, and more to meet the specific requirements of each environment in one place.

Note: The Inheritance capability is a paid feature with an additional cost per system. If you’re a Ignyte customer, your plan may already include Inheritance capabilities so be sure to connect with your success manager to verify.

How Does Control Inheritance Automation Work

This feature-set enables and pre-configures the most common inheritable traits such as allowing for inheriting of controls, documentation and POA&Ms. If you want more granular control on pre-configuration, visit “Enable Inheritance” in Settings to add or enable/disable. But, below are 5 key benefits and purposes why Ignyte leverages inheritance capabilities within the software: 

  1. Streamline Control Management: Inheritance within the Ignyte Assurance Platform simplifies control management by allowing organizations to apply common controls across multiple systems, reducing the need for repetitive modifications.
  2. Improve Efficiency: By enabling inheritance, organizations can make changes or updates in one system and have them automatically propagate to connected systems, saving time and effort in implementing control configurations.
  3. Ensure Consistency: Inheritance ensures consistent implementation of controls by synchronizing statuses, artifacts, comments, and points between systems, providing a unified and standardized approach across the organization.
  4. Simplify Configuration: The platform’s intuitive interface allows users to easily configure inheritance settings, including selecting the framework type, defining purposes, and customizing which elements are inherited, enabling organizations to tailor the inheritance process to their specific needs.
  5. Enhance Compliance: Inheritance, coupled with access control features, facilitates compliance with frameworks such as CMMC or NIST 800-171 by ensuring that controls and configurations are effectively applied within defined organizational boundaries, reducing compliance risks and improving audit readiness.

An example of how this works would be setting up two systems in the platform: 1) a “Corporate Enclave” and 2) a “Security Enclave” that are using the same compliance framework. Connecting the systems through Inheritance allows the sharing of control statuses and scales, linked artifacts, and control responses. Updating the “Corporate Enclave” (the parent) would reflect in the child or sub system “Security Enclave” cutting your workload in half.  

 

 

Get Started with Control Inheritance Automation

Create a new system in Ignyte for any sub-product, business unit, or framework that requires additional customization of controls and automated tests.

From there you can:

  • Reduce the workload, duplicative efforts, and back and forths of having separate frameworks for accounts for different purposes product lines.
  • Save time by monitoring and automating compliance for multiple business units, locations or products in one place.
  • Give auditors a single view of necessary evidence of compliance for all your frameworks and products.
  • Get peace of mind knowing that the Ignyte Platform is monitoring and informing you of any issues and failed controls you specifically set for each framework.

Finally eliminate workarounds and extra software to effectively manage your security and compliance posture across your products and business lines.

Our unrivaled pace of innovation is thanks to your feedback. We’re looking forward to seeing our growing, mid-market and enterprise customers put Ignyte’s Inheritance features to use to further simplify their compliance workflows.

To start utilizing Inheritance, schedule a demo with one of our team members today.

 

Stay up to date with everything Ignyte

Ignyte Platform becomes a third-party assessment organization (3PAO), now listed on the FedRAMP Marketplace - Read More

X