Achieve infosec compliance without the headaches
Manage your risk and maintain compliance with ease
Evidence requests, questionnaires, penetration tests, all-in-one
Meet your auditor on day 1 and eliminate any surprises
Connect to the tools that matter most for your audit
See how our automated platform provides more than just readiness through clear roadmaps, transparent communication, and in-app audits
Get the recording icon-arrow
Stand out in a highly regulated industry
Minimize your risk while maximizing returns
Safeguard your data and close more deals
A bespoke solution for your unique business
Steve Heilenman | CIO, Benefix
Read More icon-arrow
Financial data security without the stress
Efficient SOC 2 compliance with no surprises
Enhance your security posture and build trust worldwide
Stay on top of data privacy regulations
Secure transactions,no matter your scale
Protect patient health data with confidence
Stand out in highly regulated industries
Many more standards including custom frameworks
Josh Horowitz | CTO, Stylo
Explore more success stories icon-arrow
Find out why the OrO Way is the best way to do compliance
See how we drive better outcomes through compliance
Go beyond readiness with unmatched expertise
Ensuring compliance is never a blocker to innovation
Join the team that's reimagining compliance
Let's make compliance easier—together
Your team of compliance experts is standing by. Meet your auditor on day 1 and get answers when you need them.
Get to know them icon-arrow
Catch up on the latest industry trends and expert insights
Attend the latest webinar or meet with us in person
Actionable tools for your compliance journey
Expert-curated resources for your compliance journey
A podcast for B2B CISOs
Customize and download your free information security policy and be well on your way to SOC 2 compliance.
Use our policy generator icon-arrow
Customer Stories / Cigo Tracker
Cigo Tracker was conceived to solve a problem familiar to every online shopper: Not knowing when their order is being delivered. Often, transport companies have little insight once their drivers leave the warehouse. Cigo Tracker makes last-mile logistics more efficient, reliable, and transparent with its delivery management software.
After six years in business, Cigo Tracker sought to expand to enterprise companies but hit a snag: Larger customers required SOC 2 compliance.
Compliance was a new challenge for Cyrille Delavenne, CTO. He wore multiple hats on his small, growing team and prioritized revenue-generating activities. Compliance hadn’t been front and center–but he knew that had to change.
Cyrille researched auditors and compliance vendors online. He was looking for a supportive, guiding hand to help his team achieve SOC 2 certification at a reasonable price. At first, he had several negative experiences meeting with providers. According to Cyrille, “I just felt like it was going to be this extremely complicated thing working with people that only use ‘audit speak.’ It’s like a foreign language to me.” His perception changed when he found Thoropass.
In addition to the positive relationships, Cyrille chose Thoropass because of its all-in-one experience for audit preparation: Expert guidance, in-house auditors, and an easy-to-use platform to streamline the process.
His favorite feature was Thoropass’s policy templates. Cyrille estimated a 90% time savings versus writing policies from scratch.
Cigo Tracker needed to conduct penetration testing on its web application in order to fulfill compliance requirements and improve its security posture. Cyrille was considering renewing with pen testers he had used in the past, but when he learned Thoropass had its own in-house pen testing team at a competitive rate, he decided to give them a try.
He was pleasantly surprised. Cyrille’s previous pen testers identified problems without telling him how to reproduce or fix them.
“Usually you waste a lot of time going back and forth because the person isn’t telling you how to execute the attack that they were doing,” explains Cyrille.
As part of their successful SOC 2 audit, the Cigo Tracker team resolved several major vulnerabilities and developed their security policies. Thoropass helped them save valuable time in the process. “I think 90% of time saved writing policies is an understatement,” says Cyrille. With SOC 2 certification, Cigo Tracker has unlocked enterprise-level business opportunities and built confidence in its security posture.
Now, Cyrille and the Cigo Tracker team can sleep soundly. ”I think we just sleep better at night knowing that we are now doing some critical things that we should have been doing from the start.”
Cigo Tracker plans to use Thoropass’ continuous compliance services to keep its SOC 2 certification up to date. The company has adopted best practices such as two-factor authentication, background checks, managing access to resources, and yearly penetration tests. Thoropass made the process easy to understand and a lot less intimidating than they originally thought.
Cyrille’s advice to other startups? Get compliant early.
Talk with one of our experts to build your custom path to compliance and take advantage of Thoropass’s thoughtful automation, expert guidance, and security audit experience.
SOC 2
HIPAA