Aventine Securities automates evidence collection
How Aventine Securities worked with us on automates evidence collection.
We collect evidence once now and it satisfies three frameworks. Audit season stopped being a sprint.Tara Ustinov, VP Sales, Aventine Securities
The challenge
Each audit meant weeks of screenshots and spreadsheet evidence, and the same control was tested separately for SOC 2, ISO 27001, and internal audit with no reuse between them.
Our approach
Access reviews moved into a workflow with automated pull of entitlements, sign-off, and a complete, timestamped evidence trail.
The result
Access-review exceptions became visible and were closed on cycle, and audit no longer required reconstructing who approved what.
Each audit meant weeks of screenshots and spreadsheet evidence, and the same control was tested separately for SOC 2, ISO 27001, and internal audit with no reuse between them. Access reviews moved into a workflow with automated pull of entitlements, sign-off, and a complete, timestamped evidence trail. Access-review exceptions became visible and were closed on cycle, and audit no longer required reconstructing who approved what.
This case study is written by the vendor and describes their own work. Outcomes have not been independently verified by RegTech Radar.