Anthology’s commitment to compliance elevates edtech standards

by: A-LIGN 5 min

WS Anthology feature 1 0

Anthology provides education and technology solutions to help students reach their full potential and support learning institutions. Their ecosystem includes flagship SaaS solutions like Blackboard®, Anthology® Student, and Anthology® Reach, inspiring educators and institutions with innovative tools.

Anthology has a steadfast commitment to information security, compliance, and operational integrity, while continually building trust with clients and stakeholders. To bolster these efforts, Anthology partners with A-LIGN to achieve SOC attestations, ISO/IEC certifications, and StateRAMP and FedRAMP Authorizations.

The challenge: Company merger, audit consolidation, and federal compliance regulations

Anthology merged with Blackboard in 2021 to offer an education technology ecosystem across academic, administrative and student engagement applications. With a renewed company vision, Anthology refined their cybersecurity compliance strategy to align with growing demands of clients, industry trends, and regulatory requirements.

After to the merger, Anthology was leveraging multiple audit firms to support numerous certifications. It was costly and inefficient to manage frequent audits with multiple providers and overlapping cycles. Gathering evidence and documentation was time consuming, making it difficult to maintain a unified compliance strategy across different auditors.

The culture of security needs to be there before, during, and after the audit. This is how our entire organization comes together to achieve these credentials for the benefit of our clients.  From sales to engineering to support, we are all working together to exceed client expectations for our offerings and security is paramount in that regard.”

Nicole Anderson

Director of Governance, Risk, and Compliance

Anthology serves many government clients and needs to protect their sensitive data from sophisticated cyberthreats like ransomware and phishing. Meeting strict security standards like FedRAMP, StateRAMP, and DOD Impact Level 4 helps Anthology build trust with its government clients.

In addition, Anthology upholds stringent data protection standards due to global privacy laws like GDPR and the company leverages advanced technologies to ensure proactive threat identification and mitigation. To fulfill all these demands, Anthology required an experienced and reputable provider to consolidate audit efforts across a variety of attestations and certifications.

The solution: Federal compliance expertise and harmonized audit processes

Anthology views A-LIGN as not just a service provider, but a true compliance partner. Working with A-LIGN, Anthology has a streamlined, cost-effective, high-quality approach to achieving and maintaining critical certifications.

Thanks to careful planning and clear communication, the audit process has been smooth and effective. Working with A-LIGN, Anthology simplified the collection of audit documents to reduce overlap, improve accuracy, and be better prepared. By organizing everything centrally and using consistent formats, they avoid last-minute requests and rework, saving time and resources.

Anthology values A-LIGN’s collaborative approach that provides tailored solutions and quick resolution of queries. A-LIGN matches controls across multiple frameworks, simplifying the audit process for consistency and minimizing duplication. Bundling services across frameworks has also provided cost efficiencies and reduced repetition. By using a single audit provider for all their federal and commercial assessments, Anthology ensures they receive high-quality audit reports that accurately communicate their secure systems to government agency clients.

We chose A-LIGN as our auditor because of their deep experience and recognized expertise in FedRAMP, StateRAMP, ISO and SOC, offering end-to-end support for our compliance efforts. A-LIGN has responsive and knowledgeable teams which ensures quick resolution of queries or challenges during the audit process as well as ongoing support beyond the audit.”

Nicole Anderson

Director of Governance, Risk, and Compliance

Anthology leverages A-LIGN’s compliance management platform, A-SCEND, to centralize evidence collection and consolidate audit artifacts, reducing time spent on evidence collection by 20% and reusing evidence across frameworks. This builds trust with clients and stakeholders, validating Anthology’s adherence to globally recognized standards for managing risks, protecting sensitive data, and ensuring strong internal controls.

Looking towards the future

By fostering a strong security culture, Anthology maintains security across all offerings, ensuring credential validity for clients and compliance with evolving regulations. Our broad partnership and audit of several Anthology offerings is supported by the deep expertise of their engineering teams, enabling us to do a thorough assessment on behalf of Anthology and their end clients.

To support its government clients, Anthology continues to meet expanding security requirements like FedRAMP Moderate and DOD IL4, safeguarding PII and sensitive materials. Continuous compliance programs and client feedback through Anthology’s Idea Exchange keep the company’s offerings at the forefront of industry trends, ensuring success and trust for years to come.

About Anthology

Anthology delivers education and technology solutions so that students can reach their full potential and learning institutions thrive. Millions of students around the world are supported throughout their education journey via Anthology’s ecosystem of flagship SaaS solutions and supporting services, including the award-winning Blackboard® (LMS), Anthology® Student (SIS/ERP), and Anthology® Reach (CRM). Through the Power of Together™, we are uniquely inspiring educators and institutions with innovation that is meaningful, simple, and intelligent to help customers redefine what’s possible and create life-changing opportunities for people everywhere. anthology.com