From compliance automation through audit, the Thoropass compliance delivery platform helps you get and stay compliant.
Modern audits delivered by expert auditors
Maintain compliance with real-time monitoring and alerts
Identify vulnerabilities with CREST-accredited pentest experts
Leverage AI for smarter compliance solutions
Streamline audits and improve accuracy with evidence automation
Simplify user reviews to enhance security
Automate responses to security questionnaires
Track and mitigate security risks in one place
Seamlessly connect your tools for streamlined compliance
Audits done the modern way. Leverage AI-powered compliance solutions with expert guidance for seamless, scalable audits.
From controls to audit, rapidly achieve infosec compliance with a single vendor
Manage your risk and streamline compliance
Meet your auditor on day 1 and eliminate any surprises
Discover proven compliance outcomes in the words of our customers.
Catch up on the latest industry trends and expert insights
Watch the latest webinar or meet us in person
Expert-curated resources for your compliance journey
A "true crime" styled podcast for anyone in the compliance industry
Actionable tools for your compliance journey
Implement audit-ready compliance solutions for friction-free infosec compliance outcomes.
Go beyond readiness with unmatched expertise
Stay updated with the latest Thoropass news and insights
Join the team that's reimagining compliance
Let's make compliance easier—together
We're committed to unbiased audits and superior service
Customer Stories / Cardo AI
Cardo AI is a global FinTech company helping institutional investors scale asset-based finance and private credit through modern technology. Its customers include bankers, asset managers, and fund administrators who expect the highest quality of security.
Cardo AI first built a commercial footprint in Europe through acquisition of customers in Italy, the UK, the Netherlands and Luxembourg. At the end of 2022, Rubin Haxhiymeri, Revenue Operations Lead at Cardo AI, was tasked to determine a security compliance solution to be rolled out as the company kept hitting roadblocks in terms of further expansion when it came to security questionnaires, especially because US customers had different security requirements.
“After internal analysis and evaluation, we saw SOC 2 as the most attainable, simple, and fastest route towards meeting the requirements of our US customers.” — Rubin Haxhiymeri, Revenue Operations Lead, Cardo AI
Rubin began a search for a vendor to help Cardo AI achieve SOC 2 certification. He was looking for a compliance partner to help with the process of putting all the controls in place, conducting gap analyses, and collecting evidence in a single repository.
For Rubin’s small team, which was stretched across multiple initiatives, cost and usability were also critical factors. After evaluating several vendors, they selected Thoropass.
From the very beginning, Thoropass’ support and guidance helped to streamline the process. In addition to providing resources like how-to guides, training modules, and policy templates, Cardo AI’s dedicated Customer Success Manager (CSM) was available to answer questions.
“Our onboarding experience was fantastic. Our CSM did a terrific job being there for us, making sure that we understood the task at hand, and helping us meet our timeline.” — Rubin Haxhiymeri
After onboarding, the Cardo AI team began the evidence collection process for the required SOC 2 controls. Thoropass’ platform made it easy to understand the controls, track progress, and stay aligned.
“The Thoropass platform facilitated a lot of the work by making it visible and transparent. Evidence was collected into one single space, serving as a single source of truth. This made it easy to distribute the work across the organization.” — Rubin Haxhiymeri
As a result, Cardo AI passed its SOC 2 Type 1 audit in six months and Type 2 audit in eight months—half the time Rubin expected.
With their SOC 2 certification, Cardo AI was able to increase their US presence by 400% in just one year.
“Thoropass had an immediate commercial impact for us. Whenever you bring up the fact that you’re SOC 2 certified, it erases a lot of doubts in the eyes of customers.” — Rubin Haxhiymeri
Its improved security posture impressed not only customers, but investors as well.
Cardo AI plans to use Thoropass’ ongoing compliance services to keep its SOC 2 certification up to date, ensuring both the highest level of security and customer confidence.
Rubin began the SOC 2 process as a team of one, later increasing to a team of two. No matter the size, he recommends choosing a vendor like Thoropass that provides customized support every step of the way.
Talk with one of our experts to build your custom path to compliance and take advantage of Thoropass’ thoughtful automation, expert guidance, and security audit experience.
SOC 2