AUTOMATINGDSS NISPOM CHANGE 2CO M P L I A N C E

HOW CONTINUOUS EVALUATION

HELPS MITIGATE WORKFORCE RISK

The DSS NISPOM Conforming Change 2 requirements are all about identifying the warning signs of workforce risk before they act. The fight against fraud and workforce risk has largely been approached with IT-based solutions designed to detect acts after they occur.

Continuous evaluation approaches the workforce risk problem from a more proactive and human perspective. People do not become risks in a vacuum..

A continuous evaluation platform continuously evaluates more than 25,000 external data sources to provide insight when there is an issue. The platform also provides tools and automated workflows for measuring, analyzing, and managing insight so organizations can act to manage risk before damage is done.

STOPWORKFORCE RISKBEFORE THEY ACT

2

C o n t i n u o u s e v a l u a t i o n a n d predictive analytics elevate and transform the role and capabilities of security professionals.

4

WHY CONTINUOUS EVALUATION?

Continuous evaluation can be implemented in 24-hours and they greatly reduce the administrative burden of DSS NISPOM compliance. Continuous evaluation is also significantly more effective at stopping workforce risk than periodic screenings.

A continuous evaluation platform provides everything necessary to measure, categorize, and analyze risk as well as customizable automated workflows for managing alerts.

KEY ADVANTAGES OF CONTINUOUS EVALUATION:

• Stops workforce risk BEFORE they act • Rapid implementation • Easy to use and maintain • Defensible legal, audit trail

5

ORIGINS OF CONTINUOUS EVALUATIONThe early origins of continuous evaluation started with efforts to help the FBI monitor domestic terrorism threats post 9/11. In just the past few years, thousands of new data sources have come online and been integrated into an automated alert system.

Continuous evaluation is no longer limited to government agencies. They represent a new and powerful tool for employers to fight workforce risk, reduce liability, and increase revenue.

Continuous evaluation brings cutting edge intelligence-based technology to the fight

against corporate fraud and workforce risk.

6

No IT Implementation ● SOC II Compliant Platform ● Identity Event Focuses

Employer receives privacy focused, secure alerts

for further client investigation

Employer loads identity roster into the

continuous risk evaluation platform

ENDERA’S PROPRIETARY DATA INTEGRATION AND

ID MATCHING ENABLE BUSINESS RELEVANT, IDENTITY-BASED RISK

FOCUSv

Endera platform provides daily scanning of

thousands of external data sources

NAME ADDRESS

DOB SSN

DAILY

HOW DOES CONTINUOUS EVALUATION WORK?

7

WHAT TYPES OF EVENTS ARE MONITORED?CONTINUOUS INSIGHT CAN EVALUATE MUCH MORE THAN CRIMINAL DATA AND EMPLOYERS HAVE FULL CONTROL OVER WHICH DATA SOURCES THEY USE.

CRIMINAL • Wants &

Warrants

• Bookings and Arrests

• Criminal History

• Sex Offenders Registrations

CIVIL • Bankruptcy

• Liens & Judgments

• Lawsuits

• Foreclosures

LICENSES • Professional

Licenses

• Healthcare Licenses

• Specialty Services

GLOBAL COMPLIANCE

• Sanctions

• Exclusions

• Disbarments

• Watch-Lists

• Most Wanted

8

10 CONTINUOUSEVALUATION

KEY BENEFITS OF

Failure to meet DSS NISPOM Change 2 requirements can lead to fines or the loss of critical business licenses. Government contractors with covered employees need a way to reduce the administrative burden of meeting regulations, while also establishing best of breed employee monitoring.

Continuous evaluation is the fastest, easiest, and most cost-effective way to know when there is an issue. There is no other way that employers can achieve a “set and forget” continuous evaluating system with virtually no implementation effort.

Continuous evaluation is also a company’s best chance to stop workforce risk BEFORE damage is done.

9

1

Every year more regulations are created in an effort to fight workforce risk, protect sensitive information, and keep people safe.

MEET DSS NISPOM CHANGE 2 REQUIREMENTS

WITH EASE

The FBI and other government agencies have relied on continuous evaluation are for over a decade to keep Americans safe and to safeguard national security.

Continuous evaluation has been consistently proven effective in the ultimate zero-tolerance environment where any oversight can lead to mass casualties.

Recent advancements in technology now bring the effectiveness of continuous evaluation to the private sector at a cost and administrative burden lower than traditional screening methods.

10

2 PROVEN RESULTS WHEN IT MATTERS MOST

The first ever use of continuous evaluation was for flight school attendees post 9/11.

We’ve talked to hundreds of security leaders and the one common challenge we always hear is how hard it is to measure and proactively manage risk.

Do sub-contractors pose more threat than full-time employees? Which locations presents the most risk? Are workforce risk detection resources focused on the right populations? What is the risk level in the finance department? How can workforce risk be quantified and is it increasing or decreasing?

C o n t i n u o u s e v a l u a t i o n a n d supporting analytics finally make answering these questions possible.

3RISK ANALYTICSLIKE YOU HAVE

ALWAYS WANTED

11

According to Gartner analyst, Avivah Litan, about 80% of workforce risk can be caught by evaluating employees’ behaviors and the pressures they face in their personal lives.

This means that most workforce risks can be identified BEFORE they act by monitoring public data about their personal lives.

Companies must choose between managing risk or managing crises. Continuous evaluation provide the opportunity to eliminate risks before they become crises.

12

4 STOP WORKFORCE RISK BEFORE THEY HAPPEN

“About 80% of insider threats can be caught using rules and monitoring employees’ behaviors and the pressures they face in their personal lives”

- Avivah Litan, Gartner

There is typically a trade-off between cost and effectiveness, but sometimes disruptive technological advancements can deliver solutions that cost less and are more effective.

Continuous evaluation use cloud technology, data analytics, and APIs to provide continuous evaluating without any significant implementation or maintenance.

The automation and scale of continuous evaluation makes it possible to continuously evaluate 20,000 external data sources for 365 days for less cost than a single traditional background screening.

13

5SAVE TIMEAND MONEY

The average time to deploy continuous evaluation in an organization is 24 hours.

Evaluating employees who work in the corporate headquarters is difficult enough, but covered employees are often on government client sites. Government contractors need an early warning system to keep watch over employees operating without manager supervision.

Continuous evaluation provide employers an opportunity to identify potential problems before your customers notice.

14

6 MAINTAIN OVERSIGHT AT ALL TIMES

It is not the client’s responsibility to evaluate a contractor’s employees. If a client

has to report a bad action by one of a contractor’s employees, that client may not

be a customer for long.

Continuous evaluation is an important differentiator for service providers.

A company that can assure its government clients that its workforce is continuously evaluated has a clear advantage over one that can’t make that promise.

Most covered employees are working with sensitive data, you can bet that government clients appreciate the peace of mind provided by continuous evaluation.

15

7

Who would you choose to manage your secrets? A contractor that uses continuous

evaluation or one that only provides pre-hire screening?

TURN A COST CENTER INTO A COMPETITIVE

ADVANTAGE

It only takes a single event to do irreparable harm to brand equity earned over years of effort. Government security breaches are almost certain to make the headlines, and most government contractors cannot withstand the legal expenses and lost revenue that comes with a significant, newsworthy breach.

Organizations have a responsibility to take every reasonable effort to prevent workforce risk. Continuous evaluation provides an efficient and inexpensive way to deliver on that responsibility.

16

8 PROTECT THE COMPANY BRAND

The average cost per negligent retention lawsuit is $1,000,750.

Continuous evaluation is also used to make sure that key licenses and certifications are kept current. This is particularly important in industries where employees must have a driver’s license or maintain professional or medical certifications.

A surprisingly common result of continuous evaluation are the discovery of deceased employees with active access privileges. Imagine how much criminal and questionable civil behavior typically occurs without an employer’s knowledge when employers struggle just to keep track of which employees are still alive.

18

9 NOT JUST CRIMINAL DATA: KEEP YOUR RECORDS UP TO DATE

One enterprise company used continuous evaluation to learn that 14 people with active

access privileges were actually deceased.

Endera automatically evaluates 25K+ external data sources, processing data points daily to deliver accurate and relevant insights, in the form of dashboards, notifications and alerts, so you can act before incidents happen.

Our secure, easy-to-use, cloud-based platform, is available as an identity-based, subscription service, accessible from any web browser without any software for IT to install. Originally developed for the federal government to help the FBI, post 9/11 and subsequently for the Department of Homeland Security, Endera helps organizations detect and reduce workforce risk.

Contact us at sales@endera.com or call 1-855-373-0977

Want to see exactly how Endera can help protect your employees and your brand? Join us for a personalized demo:

17

ABOUT

https://endera.com/live-demo/