CITSAP teams up with Thoropass and DuploCloud to offer SOC 2 + HITRUST AWS Marketplace solution

Security service provider CITSAP teams up with infosec compliance leader Thoropass and DevOps automation pioneer DuploCloud to offer a complete SOC 2 and HITRUST AWS Marketplace solution with AWS GSCA

[New York, November 28 2023] – CITSAP, Certified IT Security Assurance Professionals, a leading provider of cybersecurity services, has announced their partnership with compliance and audit solution Thoropass, and DevOps automation pioneer DuploCloud, to offer SOC 2 and HITRUST information security compliance services offering that is now available in AWS Marketplace, as part of the Global Security & Compliance Acceleration (GSCA) Program. The offering, formally announced at AWS re:Invent 2023 in Las Vegas, is available now to startups and other organizations seeking assistance with their compliance journey.

CITSAP and Thoropass’ SOC 2 compliance solution for early-stage startups leverage a holistic framework built around highly skilled professionals, streamlined processes, and use of the Thoropass automated compliance platform to ease the burden of meeting your SOC 2 or HITRUST compliance requirements in the most efficient and effective manner. 

“This is a true shift-left compliance approach that presents a game-changing opportunity for early-stage startups, designed to fast-track their cybersecurity compliance journey, and transform their programs from zero to hero through our collaborative efforts,” says Tosin Ojo, founder and CEO of CITSAP.

CITSAP and Thoropass combine customer-centric approaches to servicing and automating interested parties’ compliance needs. While CITSAP provides subject matter experts who work with clients to identify their most pressing risks, Thoropass provides AI-infused automation technology with in-house auditors who can provide SOC 2 attestation and HITRUST assessment without leaving the platform.

Attaining SOC 2 for many startups can be both daunting as well as essential for startups and growing businesses. Likewise, for those involved in HealthTech-related industries, HITRUST is often an aspiration that is met with friction via resources and time. This partnership offered via AWS Marketplace – including an optional service with DevOps software provider DuploCloud –is a game changer for companies looking to get and stay compliant without the stress or confusion typically associated with the process. 

Add-in Infrastructure automation from DuploCloud

Building a fully automated and secure cloud infrastructure requires many tools, APIs, services, and standards to be stitched together manually by DevOps engineers writing Infrastructure-as-Code. DuploCloud’s DevOps automation platform auto-generates 90% of the manual code based on built-in best practices, compliance standards, and cloud integrations. Deployments using DuploCloud can shave weeks off the Thoropass gap assessment phase as the proper security controls and compliance standards are provisioned correctly the first time.

Thoropass and DuploCloud are part of the Global Security & Compliance Acceleration (GSCA) Program and offer AWS customers a streamlined approach for their compliance needs. By harnessing the power of the AWS Marketplace, CITSAP and Thoropass continue to accelerate their partnership by providing industry-leading services and automation in a single place. For more information, visit


CITSAP is a next-generation cybersecurity compliance professional services firm comprising seasoned subject matter experts spanning various industries. Our customers engage us as their trusted advisors to help them address the many unique challenges with meeting their various compliance requirements. Our compliance support services are customized to meet the specific needs of our client’s unique business risks and control environment and ensures that startups have the expertise, processes, and technology needed to seamlessly achieve robust cybersecurity assurance leveraging our closed-loop compliance solution.

For more information, please visit

About Thoropass: 

Thoropass are compliance experts so our clients don’t have to be. Pairing easy software that’s always getting smarter with expert guidance and continuous monitoring, we integrate into clients’ processes to prepare them to pass any audit, every year, with flying colors. Hundreds of growing companies use Thoropass’s automated compliance and audit solution, expert services, auditors and partner ecosystem to get and stay compliant over the lifetime of their business. We offer SOC 2, ISO 27001, GDPR, HIPAA, HITRUST, and other infosec and privacy frameworks.

For more information, please visit

Media Contact:

Chris Gerben, Director of Brand and Content at Thoropass

[email protected]

Share this post with your network: