Avertro has been selected by CPA Australia to stay on top of regulatory compliance requirements and protect the Personally Identifiable Information (PII) held within its networks.
CPA partnered with Avertro to manage, measure, and report on its cybersecurity performance using Avertro’s CyberHQ platform.
The organisation needed a strategic solution that extends beyond standard Governance, Risk and Compliance (GRC) functionality to comprehensively integrate aspects such as business risk, capability maturity, issues, strategy, and supply chain risks to better manage, measure, and report on overall cybersecurity posture. CPA also needed to demonstrate its effectiveness to stakeholders, senior leadership, its board, and the audit committee in ways that each could comprehend and be empowered to make decisions.
By partnering with Avertro, CPA saved:
- 70% of the time and cost of cyber assurance activities
- 90% of the time needed to create board and executive reports
- 80% of the time and money needed for strategy alignment and benefits realisation activities
- 60% of the time and effort required when assessing and maintaining internal and external engagements
Nigel Hedges, Head of Security at CPA, commented, “Avertro provides an accurate and holistic view of our cyber resilience. Every day I can log in and see where my team and I need to focus our efforts. It also provides us with fit-for-purpose reporting capabilities on risks and improvement opportunities that I can easily share with business executives. This has resulted in them being more confident in our cybersecurity posture.”
The Avertro solution included four key parts:
- Maturity Assessment: To assess CPA’s maturity against leading industry and regulatory frameworks like NIST CSF, ISO 27001, and others, the Avertro platform delivers a Capability Assessment module that can harmonise across standards and is always accessible with up-to-date data.
- Reducing Supply Chain Risk: To monitor the security posture of third parties, the use of the Third-Party Risk module enables CPA to assess suppliers seamlessly, track their responses, and report normalised results that provide a holistic view of its Supply Chain Risk.
- Translating Cybersecurity Improvements to the Executive Team: Reporting capabilities that allow CPA to generate visualisations and insights easily whilst removing manual processes and delivering it in a way that executives and the board can understand saves time and provides confidence in the data.
- Strategy and Program Activities: To set the cybersecurity strategy in alignment with overall business goals, CPA ensures program activities not only contribute to its risk and maturity postures, but also to the overall corporate strategy. A feature like this enables CPA to invest in activities that uplift control effectiveness, improve overall cyber resilience, and make forward projections on committed outcomes.
Ian Yip, CEO of Avertro, said, “Australian innovations are better placed to accelerate globally when organisations like CPA Australia show leadership by working with sovereign businesses. We are grateful for the support that Nigel and his team have shown and look forward to continuing the partnership.”
