The Auditmation phase sets the foundation for Continuous Controls prioritization and delivery. This phase centers on 3 intentional core steps (Discover, Design, Build) that enable compliance automation in any organization, regardless of source system mix.
Completed source system integrations (Bot builds) become part of Neverfail's Connector Library.
Identify controls and compliance objectives
IT controls and supporting systems are auto-ingested into the Continuous Controls platform to determine the number of test cases required. Maturation scores are assigned to source systems, based on their ability to be automated. This ultimately informs cost and design prioritization
Once the WIQ and Auditee onboarding has completed, you will need to provide Neverfail with the Github identity (Github profile email address). This will enable your access to the Terraform Files via a Github Repo, which precisely describe the set of virtual assets in AWS and Azure.
Bots and Connectors
AWS or Azure test suite functions are made available as binary files in an Artifactory repository Neverfail provisioned. Committing and pushing will trigger Github Actions, which will deploy each function to AWS Lambda or Azure Function App. Deployed functions will perform a callback, notifying Neverfail about it being online, which will trigger CTAC tests to begin. Azure and/or AWS test suites runs will default to a daily frequency.