Using Akitra’s robust compliance software, Anvilogic saved countless hours of manual effort, and successfully obtained SOC 2 Type 1 compliance certification.
Being in the cybersecurity space, Anvilogic’s customers – companies such as eBay, TJX, PayPal and SurveyMonkey – are wary about the perceived data security and privacy risks of providing sensitive data to an outsourced service provider. In this age of digital disruption, security events such as ransomware attacks and data breaches are becoming more prevalent. In this environment, Anvilogic needed to achieve SOC 2 compliance certification in order to win the trust of their customers and prospects.
When Anvilogic decided to get SOC 2 Type 1 certified, as a young company they did not have the internal resources to undertake the process manually. As described by Anvilogic’s GRC Manager, Tracey Neal, “Emailing files, doing screen captures, retrieving log files from multiple people in different departments, plus endless back and forth with auditors including bringing them on-site for meetings, are all very time-consuming. We didn’t want to go through that again”. That’s why they decided to go with a compliance automation solution, such as Akitra’s, rather than doing it manually.
In a nutshell, the main reasons why Anvilogic chose Akitra are: automating the entire process, streamlining each step, shortening the time to complete evidence collection and become audit-ready, and ongoing time savings with renewals and the addition of other compliance frameworks in the future.
Other reasons why Anvilogic chose Akitra’s compliance automation solution:
1- The policies and controls on Akitra platform are customizable and easy to use. Also, the ability to support multiple frameworks, such as SOC 2, HIPAA, NIST 800-53 and ISO 27001, with one platform and essentially one core set of policies and controls, makes the process straight-forward.
2- Akitra’s industry-leading breadth of integrations with cloud platform services (AWS, Azure, GCP, etc.) and scores of other third party SaaS services enables continuous monitoring and automatic collection of evidence, critical for SOC 2 Type 2 and other frameworks.
Implementing Akitra’s Andromeda compliance automation solution enabled Anvilogic to efficiently obtain its SOC 2 Type 1 report within two months and with only a third of the effort required for their prior manual certification.
Akitra’s compliance automation solution enabled Anvilogic to save a lot of time and resources with coordination between auditors and team members, gathering evidence, and building a sustainable process for ongoing compliance.
1- Saved tremendous time and resources, reducing the total hours of work required by two-thirds while shortening the time expected to complete SOC 2 Type 2 by up to eight months.
2- Saved manpower and effort required for constant back and forth with auditors. “The multiple meetings with the auditors used to each require an hour’s time from up to 10 people from our company, back when we did it manually. With Akitra, the required time from each department is probably only one hour for the whole project!”
3- Helped Anvilogic achieve SOC 2 compliance to meet customer requirements and increase its customer base.
4- Saved on future costs of renewals and of moving forward with ISO 27001 and other frameworks such as NIST 800-53.“The ongoing relationship with Akitra will make it easy to keep certifications updated, using continuous compliance. Having gone through the process once, the rewards of time savings and ease of use will be ongoing with every certification renewal and every new framework added. I’m excited about the next one. Using Akitra makes my life easy!”, concluded Tracey.