Customers in Cequence’s target market, such as banks and online retail companies, expect the company to be compliance certified – it’s a baseline requirement. Cequence was looking for an automation tool that would help them get re-certified for SOC 2 Type 1 within a tight 30-day schedule. Given the deadline, said program manager Cindy Haynam, “our need was dire!”
Cindy had led a PCI re-certification project for the company several months earlier, using the traditional manual compliance audit readiness approach with spreadsheets for tracking tasks, endless file transfers, and the lack of a common data repository between client and auditor. The biggest drawbacks were communication between her and the auditors, trying to keep track of project tasks with spreadsheets, and keeping spreadsheets in sync as multiple people added edits. The whole effort was tedious and very time-consuming. As Cindy commented, she and the rest of the Cequence team would far rather spend time on more value-added work.
Given the PCI experience, Cindy was eager to find an automation solution that would take as much as possible of the inefficient manual work out of compliance.
Cindy Haynam
Program Manager, Cequence Security
Cequence had an existing set of SOC 2 policies that they wished to continue to use for their recertification. Akitra integrated these into its compliance platform and mapped them to all the controls required to implement the policies to SOC 2 standards.
Akitra’s Customer Success team ensured that Cindy got the level of support she needed. “Throughout the compliance readiness phase, I relied heavily on Akitra’s expertise – for example, telling me which controls mattered most and how to match the right evidence with any gaps. Akitra spent hours with me, and it was extremely beneficial.”
Cindy cited Akitra’s assistance with the external audit phase as well. She said that she only had to meet with the auditor a single time, for the kickoff with the lead auditor. “Akitra took it from there,” she said.
“It was great to not have to worry about the audit.”
Cequence had an existing set of SOC 2 policies that they wished to continue to use for their recertification. Akitra integrated these into its compliance platform and mapped them to all the controls required to implement the policies to SOC 2 standards.
Akitra’s Customer Success team ensured that Cindy got the level of support she needed. “Throughout the compliance readiness phase, I relied heavily on Akitra’s expertise – for example, telling me which controls mattered most and how to match the right evidence with any gaps. Akitra spent hours with me, and it was extremely beneficial.”
Cindy cited Akitra’s assistance with the external audit phase as well. She said that she only had to meet with the auditor a single time, for the kickoff with the lead auditor. “Akitra took it from there,” she said.
“It was great to not have to worry about the audit.”
We will use Akitra for our PCI DSS compliance as well and since 70-80% of the evidence is the same for both frameworks, using a single compliance platform is a significant savings in time and money.
Akitra, a G2 High Performer, streamlines compliance, reduces risk, and simplifies audits
Akitra, a G2 High Performer, streamlines compliance, reduces risk, and simplifies audits
Akitra, a G2 High Performer, streamlines compliance, reduces risk, and simplifies audits
