Compliance

CyberGRX Logo

Snug Health has completed CyberGRX assessment which has been independently validated by CyberGRX partners, Deloitte and KPMG. Customers can leverage Snug Health’ CyberGRX report to reduce their supplier due-diligence burden. CyberGRX assessments apply a dynamic and comprehensive approach to third party risk assessment, replacing outdated static spreadsheets as well as the need to repetitively request access to Snug Health’ assessment each year. CyberGRX assessment provide advanced capabilities by integrating Snug Health’ responses with analytics, threat intelligence, and sophisticated risk models, based on known breach kill chains, to provide an in-depth view of Snughealth’s security posture.

Customers can use CyberGRX’s Framework Mapper feature which will allow them to map Snug Health’ assessment to commonly used industry frameworks and standards to instantly gain visibility into controls coverage.

Please fill out the form to access Snug Health’s complimentary CyberGRX assessment report.

How can I access Snug Health’s CyberGRX report?+

Please fill out the form to request access to Snug Health’s complimentary CyberGRX assessment report. Once your request has been approved, you will receive an email invitation with further instructions on how to access the report.

What outputs will Snug Health customers receive from CyberGRX?+

Customers will receive full access to Snug Health’s CyberGRX Vendor Profile.

Customers will have access to Snug Health’s CyberGRX Tier 2 Remote validated assessment. This features five control domains (Strategic, Operations, Core, Management, and Privacy), that include controls and sub-controls based on the following frameworks: FFIEC, ISO 27001, NIST 800-53, NIST 800- 171, NY-DFS, PCI DSS, SOC2.

Customers can use CyberGRX’s Framework Mapper feature which will allow them to map Snug Health’s assessment to commonly used industry frameworks and standards to instantly gain visibility into controls coverage.

How does CyberGRX validate Snug Health’s controls?+

CyberGRX partners with Deloitte and KPMG to perform evidence validation. CyberGRX validated assessments feature two phases: the self-assessment phase and the validation phase. Snug Health provided demonstrated evidence for 50 sub controls including all strength, coverage, and timeliness assertions through a detailed assessment spanning 150 questions. Customers can view the sub controls that were fully validated on Snug Health’s vendor profile page. Snug Health updates their validated CyberGRX assessment annually.

How often is Snug Health’s CyberGRX assessment updated?+

Snug Health’s CyberGRX assessment and evidence validation are updated annually. Once the assessment is updated, all Snug Health customers with access to Snug Health CyberGRX report will receive an email notification from the CyberGRX platform that Snug Health has updated their assessment.