As a major health insurance organization in the US, the client needed comply with various regulations including SOC2. They had a well-defined but entirely spreadsheet-driven SOC2 assessment process. This led to long cycles of preparation for SOC2 certifications. They needed a way to automate their compliance cycle from releasing assessments to finalizing evidence.
INRY’s implementation of ServiceNow Policy and Compliance Management helped the client move to a more streamlined process to track compliance with SOC2 assessments.
![Casey’s HRIS team saves a ton of time and effort through better quality of requests-04](https://www.inry.com/hubfs/Casey%E2%80%99s%20HRIS%20team%20saves%20a%20ton%20of%20time%20and%20effort%20through%20better%20quality%20of%20requests-04.svg)
49 controls with 193 control instances were automated and the burden of managing compliance against those was reduced significantly
![Major US Health Insurance Organization streamlines SOC2 compliance with ServiceNow-02](https://www.inry.com/hubfs/Major%20US%20Health%20Insurance%20Organization%20streamlines%20SOC2%20compliance%20with%20ServiceNow-02.svg)
Automatic requests for evidence sent at periodic intervals eliminated the need for the Information Security team to send hundreds of emails
![Casey’s gets Facilities requests fulfilled much faster and more efficiently with ServiceNow-03](https://www.inry.com/hubfs/Casey%E2%80%99s%20gets%20Facilities%20requests%20fulfilled%20much%20faster%20and%20more%20efficiently%20with%20ServiceNow-03.svg)
104 Policy Exceptions were automated and a completely new workflow and request process was created and centralized within ServiceNow
![Major US Health Insurance Organization streamlines SOC2 compliance with ServiceNow-04](https://www.inry.com/hubfs/Major%20US%20Health%20Insurance%20Organization%20streamlines%20SOC2%20compliance%20with%20ServiceNow-04.svg)
Real-time dashboards provided operational insight and increased visibility into the number of assessments in progress and their status