About Audit & Compliance Awareness Services

Lazarus Alliance Receives Accreditation as FedRAMP 3PAO

Lazarus Alliance 0 Comment

IT Cyber Security and GRC firm becomes authorized to validate Cloud Service Providers to new FedRAMP standards

Phoenix, Arizona, September 12, 2016 (Newswire.com) – Today, Lazarus Alliance Inc. announced that it has achieved accreditation as a FedRAMP (Federal Risk and Authorization Management Program) Third Party Assessment Organization (3PAO).

Lazarus Alliance Receives Accreditation as FedRAMP Third Party Assessment Organization

The FedRAMP program supports the U.S. government’s objective to enable U.S. federal agencies to use managed service providers that enable cloud computing capabilities, and Lazarus Alliance is one of the few accredited 3PAO firms in the world with this designation. With this certification, Lazarus Alliance is the only assessment firm authorized to conduct assessments for the federal government (3PAO), the Health-care industry (HIPAA, HITECH, Meaningful Use, NIST 800-66), the Payment Card Industry (Qualified Security Assessor), the Service Provider industry ((SSAE 16 (SOC 1), AT 101 (SOC 2), SysTrust / WebTrust (SOC 3)), NERC CIP, the Public sector (SOX 404), and advisors in ISO 27001, 27002, 27005 using the formidable combination of the IT Audit Machine (ITAM) and our Cybervisors.

FedRAMP provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. As a part of the FedRAMP process, cloud service providers (CSPs) must use a FedRAMP approved third party assessor to independently validate and verify that they meet the FedRAMP requirements.

“Even taking a pragmatic approach, the cloud raises a plethora of cyber security concerns for any business,” said Michael Peters, CEO at Lazarus Alliance. “For government agencies, these concerns can be even more sensitive since national security can be at risk and as the largest employer in the world, it goes way beyond that. The 3PAO accreditation further confirms Lazarus Alliance’s expertise in cloud cyber security, risk assessments and we look forward to working with CSPs around the world on their FedRAMP initiatives toward receiving an authority to operate (ATO).”

Lazarus Alliance is one of the very few organizations worldwide to obtain this classification as an inspection body to assess cloud systems for the federal government. FedRAMP is the first United States government-wide program that provides a standardized approach to security assessment, authorization and continuous monitoring for cloud-based services. In order to receive accreditation, Lazarus Alliance demonstrated an advanced level of technical proficiency and compliance experience. According to the A2LA, the “assessment process involves a rigorous evaluation of technical competence of the 3PAOs as well as an assessment of their compliance with international standards.”

Receiving the accreditation of 3PAO means Lazarus Alliance will be able to validate the security and control implementations that CSPs must provide in order to work with and provide cloud services to federal agencies. 3PAOs are critical to the FedRAMP program, as they demonstrate the independence and competency of CSPs that host the government’s most crucial data.

In addition to demonstrating the requisite technical competency in FISMA and independence and quality management to achieve 3PAO accreditation, Lazarus Alliance has diverse leadership experience in additional vital audit & compliance fields, risk assessment & management, and governance & policies. Lazarus Alliance staff members are heavily experienced in those respective industry regulations and are located across the United States.

Inquiries for FedRAMP services can be made with Lazarus Alliance at 877-896-7580 or at https://lazarusalliance.com/services/audit-compliance/fedramp/

[wp-booklet id=1442]

About Lazarus Alliance

Lazarus Alliance is a leading, independent information technology Security, Governance, Risk and Compliance (IT GRC) firm that provides IT Audit & Compliance, Risk Assessment & Management, Governance & Policies, and Cybervisor supported solutions. Founded in 2000, Lazarus Alliance is a proud veteran owned business and has been passionately on the cutting edge of IT security, risk, privacy, governance, cyberspace law and compliance leadership, innovation and services provided to the global community. With significant contributions and innovations such as the IT Audit Machine, The Policy Machine, Cybervisor, Continuum GRC, SafetyNET, the Holistic Operational Readiness Security Evaluation (HORSE Project)®, the Security Trifecta, Your Personal CXO, and other progressive initiatives, it’s no wonder that Lazarus Alliance has become a leading international name synonymous with incorruptible leadership, meaningful services, exceptional customer support and tangible innovations all specifically to prevent negative press and damage to our client’s companies, their shareholders, employees and customers. Lazarus Alliance’s primary purpose is to help organizations attain, maintain, and demonstrate compliance and information security excellence, in any jurisdiction. Contact us and learn more about Lazarus Alliance and why Lazarus Alliance is Proactive Cyber Security.

 

Awareness Continuum Services The Audit Machine

Why Excel is so Old-School and how to be Cool-School

Lazarus Alliance 0 Comment

Cool School -vs- Old School compares assessments done with Excel and the IT Audit Machine.
We get it. We completely understand why you still use Excel as an assessment and audit tool. We suffered through it just the same but we believe that working smarter and not harder which is why we invented ITAM.

The IT Audit Machine (ITAM) is the patent pending, industry changing assessment questionnaire creation tool designed specifically for the governance, risk and compliance (GRC) market space but where infinite possibilities exist even outside of the GRC and cybersecurity realms due to the intelligence and simplicity of the patent pending ITAM application framework.

Typical usage includes Audit and Compliance Assessments associated with FedRAMP, PCI DSS, HIPAA, Sarbanes Oxley, ISO 27001 and all others; Risk Management Assessments associated with ISO 27005, NIST Special Publications and all others; and Governance and Policy Development to describe a few but not all possible use cases.

Excel has big limits in space, accessibility, presentation, sustainability and formatting making it a poor choice for assessment and audit work. ITAM has flipped that paradigm upside-down with Big Data management, collaborative SaaS access, theme driven aesthetics, long term analytics and trending functionality, intelligent logic and notifications and so much more.

Our GRC solutions break industry paradigms that have plagued both client organizations and service providers alike. We’d like to show you how we have taken our real-world expertise and created GRC solutions that are being touted as game-changing technology. Call Continuum GRC software solutions today at 1-888-896-7580 and schedule a demonstration.

Simply put, Excel is so old-school and ITAM is so cool-school!

Visit ContinuumGRC.com to get more information about the IT Audit Machine.

About Careers

Senior IT Auditor: Lazarus Alliance Employment Opportunity

Lazarus Alliance 0 Comment

Lazarus Alliance is Proactive Cyber Security Services

We are excited that you are interested in this Lazarus Alliance Employment Opportunity. Please review these position highlights and complete the form below to initiate your consideration for employment.

Job Location:

Candidates must be United States citizens and reside within the continental United States to be considered.

Job Responsibilities:

In this position, you will be responsible for conducting IT audits, integrated IT/operations audits, Compliance testing and special projects as assigned. You will lead audits and deliver recommendations that add value to, and improve the efficiency of company operations.

All Lazarus Alliance employees are responsible for assisting in business development.

Responsibilities Include (but are not limited to):

  • Plan and perform internal audits to assess control design and effectiveness for information systems and SOX controls testing as outlined in the Annual Internal Audit Plan.
  • Supervise Information Systems Internal Audit engagements, as assigned.
  • Prepare audit programs, work papers detailing audit procedures, and ensure adequate audit evidence in accordance with departmental and professional standards.
  • Communicate audit findings and opportunities for improvement to management.
  • Assist the external auditors, as applicable.
  • Perform special projects of varying complexity and business focus as directed by Internal Audit Management. Provide IT audit assistance on financial, operational, and integrated audits.
  • Act as a department liaison to various PetSmart business functions and committees as determined by Internal Audit Department Management.
  • Develop and maintain relationships with various control owners and other constituents throughout the organization.
  • Understand and assess the Information Systems (IS) business area objectives, risks and controls to ensure significant risks are identified and appropriate controls are established to reduce risk to an acceptable level.
  • Develop and maintain knowledge of emerging professional standards, regulatory initiatives, and IT and retail industry trends and threats.

Education Required:

  • Bachelor’s degree in Information Systems, Business Administration, or other relevant analytical field.
  • Minimum of 3 years experience in IS/IT audit, information security, and/or compliance.

Certification Required: One or more of the following certifications is required:

  • Certified Information Systems Security Professional (CISSP)
  • Qualified Security Assessor (QSA) (Lazarus Alliance will sponsor QSA certification holders.)
  • Certified Information Systems Auditor (CISA)
  • Certified Information Privacy Professional (CIPP)
  • Certified Internal Auditor (CIA)
  • Certified Information Security Manager (CISM)
  • Certified Public Accountant (CPA)

General Experience Required:

  • Working knowledge of IS/IT Auditing and Internal Auditing concepts.
  • Familiarity with some but preferably all of our core assessment frameworks including: PCI DSS, FedRAMP, HIPAA, Sarbanes Oxley 404, SSAE 16, ISO 27000, Safe Harbor and CIP NERC standards and compliance requirements.
  • Experience with internal control frameworks, professional audit standards, leading practices, security and trust models, and guidelines (e.g. HORSE, COSO, COBIT, NIST, ISO).
  • Working knowledge of business management concepts (i.e. objectives, risks, and controls).
  • Proven experience documenting and performing a full audit program to completion.
  • Good understanding of technologies and controls including those related to OS, database, network, and application security.
  • Ability to work effectively with all levels of management (technical and non-technical) and other colleagues, demonstrating strong initiative, mature judgment, professionalism, adaptability, and a customer service orientation.
  • Must possess a “can-do” attitude with excellent verbal and written communication skills.
  • Proactive in researching business best practice concepts in order to apply as appropriate.
  • Solid listening skills and ability to identify gaps in logic – inquisitive.
  • Strong planning, organization and time management skills.
  • Ability to work independently, productively and follow through on all responsibilities to bring projects to a successful conclusion.

Additional Training Provided by Lazarus Alliance:

Candidates will receive training in Lazarus Alliance proprietary technologies and methodologies unique to the industry including:

  • The IT Audit Machine®
  • The Policy Machine®
  • Continuum®
  • Your Personal CXO®
  • The Security Trifecta®
  • HORSE Project wiki®

About Lazarus Alliance:

Lazarus Alliance is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, disability, genetics, and protected veteran status, as well as any other characteristic protected by federal, state or local law.

Lazarus Alliance is Proactive Cyber Security®

Please complete the following: