Case Study: Major University Division achieves 77% faster vulnerability response and 100% remediation with NAVEX IRM

Major University with Diverse Requirements Automates Information Security

A major university biosciences division with 5,000 faculty and staff spread across 32 departments faced fragmented IT ownership, inconsistent security controls, duplicated effort and heightened risk from an open research culture — all while needing to meet FISMA requirements without adding headcount. These silos prevented a comprehensive view of IT risk and made vulnerability management inefficient and uneven.

The division implemented NAVEX IRM, doing process mapping, asset inventorying and CIA scoring, then automating vulnerability scanning, Priority Impact Analysis and role-based dashboards and notifications. The result was cross-department buy-in, a 77% reduction in response time, 100% of vulnerabilities addressed, stronger accountability and simpler compliance with FISMA Moderate controls.