Topia’s customers, many of them multinational corporations, needed Topia to be compliant with SOC 2 Type 2 and ISO 27001, the two dominant frameworks for security compliance worldwide.
With his decades of experience in the field, Jason Tecson, Head of IT and Security, knew that achieving compliance with both of these frameworks was a tall order for his small team. To demonstrate Topia’s commitment to security, he turned to Akitra’s platform to meet his objective of achieving both SOC 2 Type 2 compliance and ISO 27001 certification.
Akitra’s comprehensive suite of customizable policies and controls was extremely useful for Topia. “Akitra’s policies and controls eliminated any need to rely on expensive outside resources like consultants and auditors to define our policies and controls,” said Jason.
A further benefit was the Akitra platform’s dashboard. “With Akitra’s dashboard, we always knew where we stood with the compliance audits: how much progress had been made, what remained to be done, and where we needed to focus our efforts,” explained Jason.
Akitra’s solution also helped immensely at the external audit phase, usually dreaded by corporate security and compliance officers. “Normally, dealing with external audits is complex, requiring careful planning and coordination,” Jason said. “With the SaaS-based, shared compliance automation platform from Akitra that both we and our auditors use, the auditors never even have to come onsite – which is a huge time-saver and money-saver for everyone involved.”
Using Akitra’s compliance platform, Topia reduced the hard dollar costs of SOC 2 and ISO 27001 compliance by 50% at minimum. The savings were even greater once the soft dollar savings from the reduced manpower requirements of compliance projects are factored in.
A huge benefit for Topia was being able to achieve ISO 27001 compliance, which is typically a one-year process. Without Akitra’s service, Jason admitted he would never have tackled ISO at all at this stage of Topia’s development. Leveraging the Akitra platform and the work already done for SOC 2 Type 2 compliance, he successfully completed ISO 27001 compliance sooner than he expected.
An unexpected boon from SOC 2 Type 2 and ISO 27001 compliance has been speeding Topia’s sales process. “Since we completed these two compliance certifications, it has drastically reduced the number of security questionnaires that prospective customers ask us to fill out. I used to have to do over a dozen of these per quarter, with each one taking a week to complete,” estimated Jason. “That’s now reduced to a few questionnaires per quarter. It’s yet another competitive advantage for us.”