From compliance automation through audit, the Thoropass compliance delivery platform helps you get and stay compliant.
Modern audits delivered by expert auditors
Maintain compliance with real-time monitoring and alerts
Identify vulnerabilities with CREST-accredited pentest experts
Leverage AI for smarter compliance solutions
Streamline audits and improve accuracy with evidence automation
Simplify user reviews to enhance security
Automate responses to security questionnaires
Track and mitigate security risks in one place
Seamlessly connect your tools for streamlined compliance
Audits done the modern way. Leverage AI-powered compliance solutions with expert guidance for seamless, scalable audits.
From controls to audit, rapidly achieve infosec compliance with a single vendor
Manage your risk and streamline compliance
Meet your auditor on day 1 and eliminate any surprises
Discover proven compliance outcomes in the words of our customers.
Catch up on the latest industry trends and expert insights
Watch the latest webinar or meet us in person
Expert-curated resources for your compliance journey
A "true crime" styled podcast for anyone in the compliance industry
Actionable tools for your compliance journey
Implement audit-ready compliance solutions for friction-free infosec compliance outcomes.
Go beyond readiness with unmatched expertise
Stay updated with the latest Thoropass news and insights
Join the team that's reimagining compliance
Let's make compliance easier—together
We're committed to unbiased audits and superior service
Customer Stories / HalcyonFT
Halcyon Financial Technology (HalcyonFT) provides IT, cybersecurity, and cloud infrastructure services for the investment industry. In order to do business in this highly regulated field, HalcyonFT needed a robust security posture customers could trust.
Joe James, Partner, Director of Projects of HalcyonFT, had helped previous companies achieve SOC 2 attestations and ISO certifications. When prospective customers increasingly began asking for due diligence questionnaires regarding SOC 2 and ISO 27001, Joe knew it was time to pursue both certifications.
He considered preparing for the SOC 2 and ISO audits himself, but estimated it would take three years. Weighing this significant time commitment against the risk of non-compliance, he ultimately decided to revise his strategy.
Joe evaluated multiple compliance solution providers. He found that while other providers gave him a sales pitch, Thoropass was the only one willing to give an in-depth demo of the platform.
First, HalcyonFT tackled SOC 2 attestation. Thoropass’s in-house team of compliance experts and easy-to-use platform helped Joe simplify and accelerate the attestation process. From implementation to audit, Joe appreciated the weekly calls and constant communication from his Customer Success Manager (CSM).
The expert guidance helped Joe and his team stay on track while working through the SOC 2 framework. For each evidence request, Joe would simply look at the specifications, upload the information, and receive detailed feedback. Thoropass’s policy templates also provided the HalcyonFT team the guardrails they required to make sure that their existing policies were inline with the requirements for SOC 2 and ISO 27001 compliance.
Once they achieved SOC 2, Joe and his team tackled ISO 27001. Within the Thoropass platform, it was easy to map SOC 2 evidence to matching ISO requirements. According to Joe, “once we got past SOC 2, ISO was a walk in the park, because we had that framework already laid out, and a lot of it overlapped.”
They implemented the required controls to meet SOC 2 criteria in about 100 hours and then proceeded to implement the required controls to support ISO 27001 in just 50 hours through the use of the platform’s multi framework capabilities and efficiencies–a third of the time Joe expected.
Beyond the time savings, SOC 2 and ISO certifications have brought in new clients for HalyconFT. Joe says that “while HalcyonFT already maintained best-in-class information security and data governance, attaining these certifications differentiated us from some of our competitors and is a heavy checkmark on our existing and future client regulatory compliance requirements.”
“While HalcyonFT already maintained best-in-class information security and data governance, attaining these certifications differentiated us from some of our competitors and is a heavy checkmark on our existing and future client regulatory compliance requirements,” explains Joe.
Moving forward, Joe plans to keep HalyconFT’s certifications up to date with Thoropass. The team is also recommending Thoropass as a compliance solution to its financial clients.
Talk with one of our experts to build your custom path to compliance and take advantage of Thoropass’s thoughtful automation, expert guidance, and security audit experience.
Penetration Testing, SOC 2
SOC 2
