How we're different: Our 10 value props

Our software and audit services combination has been iterated and refined over the last four years. There are 10 key value differentiators in our approach compared to the old way for audits and compliance.

Compliance is hard! 

 

It’s confusing, onerous, and can sideline other activities. But it’s also critical to building trust, lowering the friction of enterprise sales, and expanding into new markets.

 

We’re really proud of our role with the best, fast-growing, cloud services companies across Australia and New Zealand. Here are the 10 reasons our clients like working with us:

 

1. Agile audits - the way the rest of your business operates

 

The waterfall approach is where your team spends months preparing for the audit, planned to be conducted in a few weeks. But at that point you realise you’ve missed and misinterpreted things, spent way too much time on things that weren’t required, and your team is sidelined from their usual activities while the audit is going on. Agile audits just make more sense with better alignment to your auditor, iterative feedback and guidance, and less business disruption.

 

2. Automation - removing the complexity and onerous activities

 

The manual way for compliance includes assessing hundreds of operational activities, compliance attributes and pages of each of the standards. Managing that scale means things are missed, errors are made, and it’s rife with complexity. Our automation removes that so your humans and ours have a clear view to focus on what’s important.

 

3. Flexibility - things unexpectedly change, it’s critical to adapt

 

Business priorities and requirements frequently change, so it’s important your compliance program can too. We’ve changed scope, de-coupled compliance standards, re-ordered compliance plans and pulled off some great last minute accreditations, all without any added fees. We adapt to support the outcomes our clients need.

 

4. Year-round support - during and between audits as you navigate the complex world of compliance

 

Our clients often refer to us as a trusted advisor, partner, or their compliance consultants. We maintain our auditor independence, but also support our clients as they navigate the world of compliance when things come up and they need our market expertise and insight.

 

5. Responsiveness - Fast back and forth to get things done

 

When you wait days or weeks on another party, you spend time and mental energy trying to remember the context and review the history. That’s why we set SLAs for 24-hour response time and 3 days for review and feedback on audit documents.

 

6. All bases covered - a single provider removes the duplication and overheads

 

There is a huge amount of duplication between the different standards that many businesses are required to comply with. Gone are the days where one standard is sufficient. Our blending of compliance standards means the duplication is removed and you enjoy the simplicity of a single auditor, single platform, and single monthly fee covering your various compliance requirements.

 

7. Cloud experts - understanding your environment and software

 

The risks, and therefore the compliance activities, are very different for cloud services compared to traditional infrastructure. Modern cloud infrastructure and software are designed to simplify security and compliance. We leverage those principles and design features as they relate to your environment, to avoid a lot of wasted effort and guesswork.

 

8. Tailored approach - when compliance fits, it removes the compliance burden

 

Generic audits have become prevalent with lower-cost audit providers. Of course they sell well - they cost less, which also implies less work involved. But the generic approach means more headaches trying to fit a square peg into a round hole. Our tailored approach leverages what’s relevant, so you’re not forced to implement things that don’t make sense.

 

9. Practice guides - decades of experience translated into pragmatic guides

 

We have decades of experience in the industry, and have spent 4+ years listening to our clients and iterating our practice guides. Our clients want to know:

  • What does "good" look like?
  • How can we keep this "process light"?
  • Is there software to automate this?
  • What if we want to do X?

All of that, and more, has been translated into practice guides to help our clients navigate their compliance goals in a way that fits.

 

10. History of success - Confidence in your requisite outcomes

 

There are a lot of little things we do that roll up into our 93% retention rate of customers. The remaining 7% is mostly attributed to acquisitions, with the remainder due to changes in compliance requirements. We consider acquisitions a success - even though we're disappointed to stop working together.

 

We can’t guarantee clean reports or specific timelines, which are each out of our control. But we do support each client to de-risk the audits with transparency of the requirements, effective guidance and tips along the way. We work tirelessly to meet their timelines and support their stakeholders who want to know what's going on. You don't need a good auditor, until you do. That's where our loyal clients recognise the importance of our role.

 

About AssuranceLab

 

AssuranceLab is a modern cybersecurity audit firm and Regtech software company that solves compliance with audits (SOC 1/2, ISO 27001, GDPR, Consumer Data Right, HIPAA, and more!). Our award-winning, free software has helped over 600 companies prepare for their compliance goals. Our agile and collaborative audit services leverage our software and guide your team in a way that fits to achieve your compliance goals.
