Market expansion with a
security-first approach
Location: Wilmington, Delaware, USA
Industry: SaaS
market expansion
journey
security questionnaires
CONTEXT
Aiming for the big guns
Maxim Lisovsky, CTO, SplitMetrics
“I needed a solution in which each team can perform their compliance-related tasks without hampering overall productivity – be it Engineering, Legal, or HR. With predefined workflows and centralized visibility, this is now a reality.”
CHALLENGES
Overcoming Fragmentation
Maxim knew that business growth needed infosec certifications backed by a robust security program. However, multiple challenges arose along the way.
Lack of expertise to manage complexities
Initially, the CTO-led compliance program lacked a dedicated security team, making it hard to navigate complexities. Risks were managed on spreadsheets, policy creation was cumbersome and vendor assessments were conducted manually.
Slower due diligence with prospects
Absence of certifications was making it difficult to close crucial deals. Lengthy security questionnaires of 100+ pages, required approval from multiple stakeholders, and took about 30 days to respond.
Limited visibility of progress
Disconnected GRC processes made tracking compliance gaps and audit readiness challenging. Lack of configurable workflows made it difficult to close mitigations for critical risks.
Unevenly distributed efforts
The lack of a unified platform led to operational challenges for a team that was already firefighting in their core responsibilities. Efforts to close gaps were often redundant or isolated.
The risk management features of Scrut, including inherent and residual risk tracking, have proven to be highly useful for our organization.
SOLUTION
A comprehensive platform for enterprise-grade GRC
- After a detailed gap assessment and remediation, pre-built policies were utilized to hit the ground running.
- Multi-level approvals were activated to align with Splitmetrics’ review processes.
- Detailed risk register was built out for effective risk mitigation through targeted controls.
- Vendor security assessments were streamlined via platform-triggered questionnaires.
- Scrut Agent (MDM) was activated and security trainings were launched to reduce employee risk.
Proven ROI with Scrut:
Download the Full Case Study Now
IMPACT
Globally demonstrable capability
Splitmetrics is They are not just more confident in their own security but are also tapping into other benefits.
Enterprise-grade Process Maturity
Splitmetrics is now able to manage more policies and risks, simplify vendor assessments, accelerate employee security training, and, continuously track security gaps.
Minimum bottlenecks in sales cycles
Centralizing GRC artifacts led to faster response capability for security questionnaires. Key metrics are visible on dashboards, and crucial information can be accessed at all times from the vault.
Actionable tracking and visibility
Dedicated evidence module helps centralize all documentation for audits. Detailed version logs are accessible at a click, and mitigating controls for each risk can be monitored easily.
Cross-team collaborations made easier
Scrut’s automated workflows, alerts, and reminders enabled the Splitmetrics teams to collaborate efficiently, save time, and facilitate compliance efforts, all from a single window.