Changing the world of compliance audit

We support hundreds of ambitious technology companies in 20+ countries looking to earn and keep the trust of their dream customers.

alab-compliance-standard-badges-v3
assurancelab-13-countries-audit-support-image-1
Sine-logo
Plexure-logo
salestrekker-logo
Nano-logo
Livepro-logo
Livehire-logo
Inlogik-logo
Humanforce-logo
Data-zoo-logo
Enboarder-logo
Dropsuite-logo
Checkbox-logo
Bravura-solutions-logo
rockt-logo
Civic Ledger Logo_Navy_Official
Team image_December 2023
GET TO KNOW US

The auditors you’ve always wanted

We founded AssuranceLab to create a new and better approach to audits, so you can comply with standards your way.

Our compliance data model and agile audit approach tailors compliance to your business. This helps you to improve incrementally and avoid big, disruptive audits.

Our team of experienced audit and technology professionals will work closely with yours to turn compliance from a headache into a competitive advantage.

We’re the auditors you actually want to work with!

WHY US

Audit services that
scale with you

We’ve grown with our clients

We started out as specialists in startups seeking their first compliance milestones to build trust with strategic customers.

We’ve since expanded into multi-framework compliance for scaleups, and developed our signature tailored approach that excels for our larger clients managing up to 26,000 people globally.

Your needs change as you grow. So does our service.

alab-why-us-team-working-together-1

WHO WE WORK WITH

We cover each stage of your growth journey

alab-startup-icon

For startups

You want to build trust with your target customers, but also minimise costs and avoid over-complicating or burdening your operations.

Our Minimum Viable Compliance frameworks are the simplest, fastest, and most cost-effective way to achieve your first compliance milestone to unlock compliance-powered growth.

alab-scaleup-icon

For scaleups

You want strong foundations for scale. That includes managing your data, employees, risks and compliance obligations in a way that minimises the compliance burden.

Our signature tailored audits, with multi-framework options, lay strong compliance foundations that fit your way of operating. Our audits enable rather than hinder fast growth.

alab-enterprise-icon

For enterprise

You are juggling broad customer needs, global compliance obligations, and large teams. It’s so important for compliance to enable and not block them.

With our signature tailored audits and access to our expert centre, you’ll always find a way to adapt your compliance to what fits your broader company goals, culture, and ways of working.

REACH A NEW STANDARD

Show the world your standards earn trust

alab-soc-2-icon

SOC 2

Trust services criteria to satisfy a broad customer base globally for security, availability, confidentiality, privacy and processing integrity.

alab-csa-star-icon

CSA STAR

A comprehensive, best practice standard for cloud security to achieve Level Two accreditation in the security, trust and risk (STAR) register.

alab-hipaa-icon

HIPAA

The de facto global and best practice standard for proving secure handling of electronic protected health information (ePHI).

alab-iso-27001-icon

ISO 27001

An international framework to apply a structured and best practice methodology for managing information security.

alab-cdr-icon

Consumer Data Right

Access consumer data in Australia’s economy-wide open data regime with Consumer Data Right accreditation.

alab-custom-framework-icon

Custom Frameworks

Manage any compliance obligations from customers, regulators or your own internal risk requirements with custom frameworks.

alab-esg-icon

ESG Reporting

A flexible and lightweight framework to report up to 500+ positive impact activities supporting environmental, social and governance (ESG) objectives.

alab-gdpr-icon

GDPR

The global gold-standard for privacy. GDPR is regulated for personal data collected from EU citizens, and an effective framework to satisfy enterprise customers globally.

alab-blended-audits-icon

Blended Audits

Combine two or more compliance frameworks into a single blended audit process without duplication to scale trust, not costs and effort.

OUR PRODUCTS

We enable better compliance practices globally through innovative solutions

The always-free GRC platform that powers trust for hundreds of technology companies
Leverage Pillar to assess your compliance status, mapping to one or multiple frameworks, and prepare your audit-ready compliance program. Pillar is the most advanced platform for covering multiple standards in one audit process to avoid duplication.

Pillar adapts to your organisation’s unique way of working. Its data model profiles your context, systems, and processes to align your compliance program your own way.

Enable continuous incremental improvement, and audits at your own pace, with Pillar.
pillar-product-image@2x
Our 40-minute policy generator; a better alternative to cookie-cutter templates
Use PolicyTree to roll out your tailored set of compliance and trust-building documentation adapted to your unique way of operating. Avoid risky reliance on cookie-cutter templates and consultants who don’t necessarily understand the nuances of your company.
 
After answering a single, comprehensive survey covering all aspects of your compliance program and business, you will receive a complete set of up to 21 fit-for-purpose and ready-to-use policies and your compliance system description.
 
With a package accessible to startups, there’s no reason to wait for better policies that actually safeguard your future.
policyTree-product-image

FREE GUIDE

Get our comprehensive guide to SOC 2

The gold standard when it comes to earning the trust of your dream customers

assurancelab soc2 booklet cover Jan2023

We’ve prepared a free guide for leaders who think their next phase of growth will require a security and compliance focus.

Our SOC 2 Guide Includes:

5 reasons startups get accredited

2 strategies for compliance

SOC 2 vs. ISO 27001

Compliance platforms

Costs, timeline and what to expect

FEATURED RESOURCES

Content to help you understand and achieve your compliance goals

CLIENT CASE STUDIES

We’ve helped over 200 trailblazers to level up their compliance game

quote icon
“I don’t say this lightly, but we are super stoked that we chose to work with AssuranceLab who have made the audit such a pleasant experience.”
guido-santo-cybersecurity-circle-90x90px
Guido Santo
VP Cybersecurity
rockt-case-study-tag

 

Rokt levels up their security program from ISO 27001 to SOC 2

Rokt were already ISO 27001 certified and SOC 2 covers similar controls. However according to Rokt’s VP Cybersecurity, Guido Santo, SOC 2 results in a more granular audit report which customer security teams find more useful.
quote icon
“Taking things in bite-sized chunks enabled us to action things within the business as we went rather than having a big bang approach.”
brad-shaw-CEO livepro-90x90px-circle
Brad Shaw
CEO Livepro
livepro-case-study-tag
livepro achieves security prestige to win large business customers with SOC 2
Gaining SOC 2 accreditation was important to livepro's customers, providing security prestige in the market and helping livepro tighten up their operation with reference to best practices.

FAQ

Your questions answered

Where is AssuranceLab based?

Our HQ is in Sydney, Australia. We have team members scattered across Australia, New Zealand, Singapore, The US, Europe, China and The Philippines. We work with clients in over 20 countries, bringing our modern approach to auditing that all works asynchronously so you can complete audits at your own pace in your own way. We jump on calls as needed across time zones to provide personalised service and ensure you're on track to achieving your compliance goals.

What countries does AssuranceLab serve?

We have active clients in over 20 countries, including the United States, Australia, New Zealand, Singapore, Hong Kong, the Philippines, Vietnam, the United Kingdom, Ireland, France, India, Slovenia, and the Netherlands.

We can serve clients in any country with our offering of global standards, subject to language requirements and any country-specific regulations.

Does AssuranceLab provide consultancy services?

We do not design or implement our clients’ compliance activities. That’s prohibited for audit firms based on the independence requirements of the standards. We do offer tools and guides to help clients understand what is required and provide feedback on their state of compliance. Our audit services are often viewed as management consultancy to guide our clients on their security, compliance, and operations.

Which regulations and standards does AssuranceLab cover?

We work with clients to issue their attestations, assurance reports, and certifications for: SOC 1, SOC 2, HIPAA, GDPR, CPRA/CCPA, ISO 27001, ISO 27701, ISO 27017, ISO 27018, Consumer Data Right, CSA STAR Level Two, ESG Reporting, GRI Reporting, and CPS 234. We are expecting to add PCI DSS in 2023 and considering HITRUST and the CryptoCurrency Security Standard (CCSS). Our product maps to an additional 12 standards and frameworks including customer specific requirements, NIST and CSC, which are less commonly formally accredited and rather used as guides for your compliance activities. We are a CPA and CA audit firm, a certified CSA STAR Auditor, and an ISO certification body, which provides our credentials for the above standards and services.

Which compliance platforms does AssuranceLab work with?

As an audit firm that needs to retain independence from designing and implementing compliance, we naturally partner with complementary platforms and services companies. Our partners page includes many of these providers. Our only security compliance platform partner is Drata. We discontinued formal partnerships with other platforms to maintain our independence against the concerning market trends, and to optimise our audit process for users of Drata’s leading platform that we use ourselves for our own compliance. We can provide our audit services to clients using any combination of software products, regardless of our formal partnerships and affiliations.
five-star-icon

Testimonials

Hear more from our clients

'We have had the most seamless and great relationship. AssuranceLab has taken care of us every step of the way, helping us get through the dreaded audits in a way that actually isn't stressful or overwhelming.'
catherine-fromont-90x90px-circle
Catherine Fromont
People and Operations
'AssuranceLab always responded to our questions quickly and their explanations were clear and efficient. That helped us better understand our controls and make improvements to make them more efficient and manage compliance better.'
Huy Dang Nguyen
Senior Security Specialist
'AssuranceLab was supportive and responsive throughout the entire process... (their) agile approach fit well. They were always just a phone call away and would match the speed we were going for any given week.'
tristan-cole-circle-90x90px
Tristan Cole
CTO
'This flexible process allowed us time to make changes while catering to the business needs. It contributes to making the audit faster, simpler and for us to understand the processes better.'
adrian-loke-90x90px-circle
Adrian Loke
Director of Infrastructure

 

'AssuranceLab listened to understand our unique issues and helped guide us through the audit process in a way that made sense for us.'

brad-shaw-CEO livepro-90x90px-circle
Brad Shaw
CEO
'We found the whole process to become SOC 2 Type I and then SOC 2 Type II was a complex problem made easy by AssuranceLab. Whenever we had a query about anything the responses were prompt and thoughtful.'
robert-sumsion-90x90px-circle
Robert Sumsion
Head of Security

 

'The key was in the simplification of the audit requirement. AssuranceLab speaks a language the customer can understand. This is critical.'

paul-lubkik-circle-90x90px
Paul Lubik
Consultant

GET IN CONTACT

Get started your way

We’re ready when you are

Can’t wait?

Our free products help you get started without any fuss:

pillar-tab-button-normal

The always-free GRC platform that powers trust for hundreds of technology companies.

policytree-tab-button-normal (1)

Our 40-minute policy generator; a new alternative to templates and consultants.