Lazarus Alliance

Lazarus Alliance is an information technology Security, Governance, Risk and Compliance (IT GRC) firm founded in 2000. The company provides IT audit and compliance services, risk assessment and management, and governance and policy development. As a veteran-owned business, Lazarus Alliance holds multiple accreditations and certifications across various regulatory frameworks. The company is accredited as a FedRAMP Third Party Assessment Organization (3PAO), authorized to conduct security assessments for cloud service providers serving federal agencies. Lazarus Alliance also performs assessments for healthcare organizations (HIPAA, HITECH, Meaningful Use, NIST 800-66), serves as a Qualified Security Assessor for the Payment Card Industry, and conducts SSAE 16 (SOC 1), AT 101 (SOC 2), and SysTrust/WebTrust (SOC 3) assessments for service providers. Additional areas of expertise include NERC CIP, SOX 404, and ISO 27001/27002/27005 advisory services. The company has developed proprietary tools and methodologies including the IT Audit Machine (ITAM), The Policy Machine, Cybervisor, Continuum GRC, and the Holistic Operational Readiness Security Evaluation (HORSE Project). These solutions support organizations in achieving and maintaining compliance across multiple jurisdictions and regulatory requirements. Lazarus Alliance serves clients globally, helping them attain, maintain, and demonstrate compliance and information security requirements through standardized assessment approaches and continuous monitoring capabilities.