Assurekit streamlines compliance against SOC 2, GDPR, ISO 27001, 27017 & 27018 using GRC automation

---

Assurekit is building APAC’s first insurance gateway to streamline insurance distribution and incorporate insurance into businesses through a cloud-based infrastructure. Its ready-made integrations and end-to-end single management platform make insurance distribution effortless with quick deployment, simple management, and the capacity to produce multiple contextual products. 

Insurance processing requires a plethora of sensitive information across individuals’ identity, health status, earnings, etc., and Assurekit wanted to establish industry best practices in managing a strong Information Management Security System.

To communicate a strong Information Security and data privacy posture to their customers and partners, they needed to comply with industry-standard frameworks, namely, SOC 2, ISO 27001, ISO 27017, ISO 27018, and GDPR. But to manage five security audits and to continuously monitor their risks even after the audits, they were looking for a GRC automation solution to streamline their infosec activities – and after evaluating several platforms, they onboarded Scrut.

With Scrut, Assurekit managed the arduous tasks of five compliance audits with significant ease. More importantly, the Scrut platform became the single source of truth for managing their infosec posture continuously. It provided the team with complete observability of risks associated with their cloud assets – compute, DBs and containers.