Live Webinar | 26 June 2025 9AM PT
From Black Box to Boardroom: Operationalizing Trust in AI Governance

Top-tier GRC for unmatched HRMS integrity

Location:
Hyderabad, India
Industry:
Enterprise Software
Vendor Management
Employee Training
Trust Vault
Discover why 1500+ companies trust Scrut
Book a Demo
Book a Demo
“Rolling out a great product is only half the job. Securing it with the right controls and processes is what defines its success in the market.”
Vijay Kumar
,
CISO, Keka HR

CONTEXT

Scaling up Governance, Risk, and Compliance

As a full-stack Human Resource Management Software used by over 2.5 million employees in 150+ countries, Keka aims to lead not just in product but also in platform security. To build an easy-to-manage, scalable security program, Keka chose the Scrut smartGRC™ platform after a thorough evaluation to upgrade their GRC processes.

CHALLENGES​

Overcoming security hindrances in deal closures

Vijay’s past experience with an MSSP made him cautious about external access to internal configurations. Keka wanted to move away from this high-risk approach and began looking for a SaaS-based platform to advance their GRC program. Scrut SmartGRC™ stood out as the preferred solution that could solve all the following challenges.

1. Vendor Delays

Managing vendor ecosystem

Vendor assessments typically involved lengthy email exchanges and manual scanning of websites to obtain the required information. As a result, the entire process was inaccurate and prone to delays.

2. Fragmented Processes

Structuring security program

Processes were susceptible to slippages. This meant there were efficiency gaps in documenting versions of different artifacts, conducting access reviews, launching employee trainings, and finalizing remediation measures.

3. Credibility Snags

Maintaining trust with prospects

To expand its customer base, Keka could not afford to lose valuable time in extended due diligence by prospects. Sourcing compliance artifacts like reports, policies, and subprocessor information from across departments was challenging.

Aptitude and reliability go hand in hand. While there are a lot of namesake tools in the market, Scrut’s efficiency is driven by a combination of the platform and their solid infosec expertise.

SOLUTION​

Aligning with Pillars of Focus

With a focus on closing gaps, the objective was to strengthen internal security processes. Once done, smoother compliances would follow. There were strategically significant areas where Scrut helped revamp processes for Keka, as per their unique infosec vision.

Robust controls are set up to incorporate mature processes. Every step and every change is now tracked.

Access reviews have been made more systematic and frequent by integrating active directories with Scrut.

Vendor risks are managed by tiering all assessed vendors into different risk categories for efficient mitigation.

Proactive monitoring by the committee is now possible by using insights from Scrut’s dashboards to conduct advanced drills.

IMPACT​

Modern Platform Driving Mature Practices

GRC Processes Made Proactive: Scrut SmartGRC™ simplifies finding and fixing gaps. Continuous control monitoring eliminates deviations. Real-time consolidated artifacts ease auditor reviews, with version logs and one-click requests making the process hassle-free.

Faster and Foolproof Vendor Assessments: Third-party risk management is now efficient. Detailed logs of the due diligence process are captured and the entire workflow — from sending questionnaires to responses and assessments — is completed on time without leaks or delays.

Adaptive and Scalable Program: Scaling GRC activities is streamlined. Monitoring, revoking, and granting access no longer requires spreadsheets. Training campaigns, score calculations, and policy reminders are automated with a click.

Improved Value Perception for Customers: Vijay wanted a custom page for detailed security reports. Scrut’s Trust Vault enabled this setup in minutes, securely displaying certifications and documentation allowing Keka to share privileged access that is NDA-based and time-gated.

Explore why our customers trust Scrut for their compliance needs
Book a Demo
Book a Demo
Table of contents
Subscribe to our newsletter
Get monthly updates and curated industry insights
Subscribe
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Ready to see what security-first GRC really looks like?

The Scrut Platform helps you move fast, stay compliant, and build securely from the start.

Book a Demo
Book a Demo