Compliance and Risk Audits

Clareity brings an independent view, extensive ongoing research, and finely honed technical skills to all audit types including:

Information Security Audit

Every year Clareity gets calls when industry organizations have been hacked. A hacking incident can damage reputations, impede an organization’s ability to conduct business, and cause financial harm. Such incidents could often have been prevented had the business managers taken reasonable steps to protect the organization.

Clareity is the most experienced real estate security auditing firm, and provides security audits for many top MLSs, Associations, brokerages, and technology companies. The audit covers information security policies and procedures, human resources practices, physical security, networking, device configurations, OS and platform configurations/updates, software security, and more. The audit includes use of automated testing tools, manual testing, and proprietary Clareity checklists. Clareity will educate staff on use of each security tool and checklist, in as much depth as makes sense for your staff; using these tools, checklists, and methods will help your organization maintain security over time. If needed, Clareity will also evaluate SaaS contracts; Clareity will non-intrusively test and provide guidelines for evaluating the security posture of any third party software services that may be in use.

Jim Harrison“Clareity did a great job for us with the security audit. I can’t imagine any other firm providing an audit anywhere near as valuable and thorough as the services we received. [We] will be a much better operated company as a result of Clareity’s evaluation and advice.”

James Harrison, President & CEO, MLSListings

Steve Byrd“Clareity thoroughly reviewed CMLS operations and provided a detailed, prioritized list of the security risks facing our organization. They provided us with the information and tools we needed to make our systems more secure and to maintain better security over time. The follow-up has been great, too.”

Steve Byrd, Chief Information Officer, Carolina Multiple Listing Services

“The audit is very comprehensive. The information covered is exactly what we are looking for. Matt’s knowledge of the material is truly impressive and his ability to convey the information has made it easier for myself and my staff to understand.”

Martin Scrocchi, President & CEO, CDM (TransactionDesk)

“The security audit was a painless process that provided us with the tools necessary to ensure a secure MLS and membership database, for our members and disaster recovery plans to minimize service disruption.”

Rhonda Brittain, MLS Coordinator, Albuquerque Metropolitan Board of Realtors

“The experience was eye-opening, rewarding and a necessity for every organization that maintains membership information in their databases.”

Donald A. Hull, CEO, President, Consolidated MLS, Inc.

Risk Management Audit and Business Resumption Planning

Clareity helps organizations evaluate risk in a wide variety of areas including:

  • Physical Security
  • Flood/Water
  • Housekeeping
  • Fire Control
  • Electrical Power
  • Climate Control
  • Personnel
  • Computer Usage
  • Hardware
  • Software
  • Access/Data/File Controls
  • Communications/Network
  • Development
  • IT Operations
  • Telephone / Voice Mail
  • Contingency Planning

Clareity also helps organizations evaluate their Business Resumption Plan or draft a new one. This service is often performed in conjunction with an Information Security Audit, since there is some overlap in the assessment scope.

Tony Mastroianni“The time you spent here was invaluable.”

Tony Mastroianni, CTO, MLS Property Information Network, Inc.

IDX / VOW Compliance Review

MLSs must establish consistent auditing criteria and processes to avoid speculation or lawsuits regarding discrimination against broker and technology providers. Clareity’s IDX and VOW Compliance Review services help ensure that these highly technical audits are thorough and that standardized criteria are consistently applied. Clareity can provide complete auditing services or work with MLS staff to collaborate on audits.

Even if the MLS staff currently performs IDX and VOW compliance reviews, when a violation is suspected or confirmed, it can be valuable to have a third party like Clareity confirm the violation and provide an independent compliance report to avoid friction between the MLS and members or technology providers.

“Thanks for all your help with this. You made this very easy to implement and helped us find some things with our site we did not know about.”

Cheryl Abato, MLS Integration Coordinator, Weichert

“I wanted to thank you for the awakening call you’ve given us.”

David Elgrabli, President, Apply Media (RealtyMX)

Please contact Clareity today and let us know how we can help with your compliance and risk audits.