Solera | ISAE 3000
Solera is a software provider in the automotive and insurance industry. Solera’s mission today is 'to be the 80% intelligence to help customers manage the risk of a collision, mechanical or maintenance repair and service'. Solera provides solutions for general automotive information and information on insurance claims in the automotive industry.
Solera combines existing automotive data with advanced analysis techniques, using the results to make enhancements to their data and create more effective handling of claims. The solutions Solera offers are provided by different applications.
All Solera customers should be able to rely on the high standards for security of Solera. The simple question had a complex answer. There is no simple conclusion available since all applications have different application controls.
We analysed detailed information on each security risk in each application concentrating on uniformity in these risks and aligning the control framework to each risk on a company wide basis. solera was required to report in accordance with ISAE 3000 | SOC2 to the government. We started by implementing the Risklane ControlReports standard and developed a standard approach for Solera which was more efficient and professional than the existing standard.
We are currently in the process of applying statistical and machine learning techniques to model which controls are effective, could be performed more efficient or are redundant. Through hierarchical clustering, we are grouping similar risks together and used our analysis to create an effective control framework, which gives Solera a baseline for more efficient control.
We helped Solera quantify which controls are key for maximising security, and therefore gauge how to invest in the controls that are effective to drive success at lower costs and with less business disturbance. Armed with deeper insights into its risks, Solera is now better equipped to control risks better and report accordingly to customers. - improving both user experience and cost control.