Changing the world of compliance audit

We support hundreds of ambitious technology companies in 20+ countries looking to earn and keep the trust of their dream customers.

Team image May 24

The auditors you’ve always wanted

We founded AssuranceLab to create a new and better approach to audits, so you can comply with standards your way.

Our compliance data model and agile audit approach tailors compliance to your business. This helps you to improve incrementally and avoid big, disruptive audits.

Our team of experienced audit and technology professionals will work closely with yours to turn compliance from a headache into a competitive advantage.

We’re the auditors you actually want to work with!


Audit services that
scale with you

We’ve grown with our clients

We started out as specialists in startups seeking their first compliance milestones to build trust with strategic customers.

We’ve since expanded into multi-framework compliance for scaleups, and developed our signature tailored approach that excels for our larger clients managing up to 26,000 people globally.

Your needs change as you grow. So does our service.



We cover each stage of your growth journey


For startups

You want to build trust with your target customers, but also minimise costs and avoid over-complicating or burdening your operations.

Our Minimum Viable Compliance frameworks are the simplest, fastest, and most cost-effective way to achieve your first compliance milestone to unlock compliance-powered growth.


For scaleups

You want strong foundations for scale. That includes managing your data, employees, risks and compliance obligations in a way that minimises the compliance burden.

Our signature tailored audits, with multi-framework options, lay strong compliance foundations that fit your way of operating. Our audits enable rather than hinder fast growth.


For enterprise

You are juggling broad customer needs, global compliance obligations, and large teams. It’s so important for compliance to enable and not block them.

With our signature tailored audits and access to our expert centre, you’ll always find a way to adapt your compliance to what fits your broader company goals, culture, and ways of working.


We’ve helped over 200 trailblazers to level up their compliance game

quote icon
“I don’t say this lightly, but we are super stoked that we chose to work with AssuranceLab who have made the audit such a pleasant experience.”
Guido Santo
VP Cybersecurity


Rokt levels up their security program from ISO 27001 to SOC 2

Rokt were already ISO 27001 certified and SOC 2 covers similar controls. However according to Rokt’s VP Cybersecurity, Guido Santo, SOC 2 results in a more granular audit report which customer security teams find more useful.
quote icon
“Taking things in bite-sized chunks enabled us to action things within the business as we went rather than having a big bang approach.”
brad-shaw-CEO livepro-90x90px-circle
Brad Shaw
CEO Livepro
livepro achieves security prestige to win large business customers with SOC 2
Gaining SOC 2 accreditation was important to livepro's customers, providing security prestige in the market and helping livepro tighten up their operation with reference to best practices.
quote icon
The key was in the simplification of the audit requirement. AssuranceLab speaks a language the customer can understand. This is critical.
Paul Lubki
Founder, PBR Solutions
Plan.Build.Run consultants team up with AssuranceLab for a holistic approach
As consultants helping clients implement their compliance, it was important for PBR to team up with auditors to provide the SOC 2 compliance outcomes.
quote icon
AssuranceLab have provided our business with comprehensive SOC 2 audits on a continuous basis. The online audit process is easy to navigate and prompt responses were provided to all queries with regular online meetings scheduled to keep the process on track. Their auditors are experienced and knowledgeable and provide valuable insights.
Ross Withers - Inlogik
Ross Withers
COO/CISO, Inlogik
InLogik case study logo
Inlogik adds a notch to their belt with SOC 2 to satisfy regulated customers
Inlogik manages a broad compliance program spanning SOC 2, ISO 27001, ISO 27701, PCI-DSS and privacy regulations like GDPR, the APP and OAIC NDB.
quote icon
When you do audits all at once, you have hours to a few days to provide the evidence because there is a time crunch. I think spreading it out makes it feel like less of a burden for us.
Kacie Armbrust
Voxel Director Of Finance
Voxel establishes SOC 2 compliance through AssuranceLab’s Drata Starter x Continuous Audit Program
Voxel, a technology-driven SaaS company, leveraged AssuranceLab’s Drata Starter x Continuous Audit Program to achieve their initial compliance outcome in 1 month. 
quote icon
We really want to focus on the things that make us extraordinary in the market that we play in. So being able to have someone like AssuranceLab behind us, to facilitate an outcome around that audit component in the assurance space, particularly for SOC 2, is incredibly helpful.
Samm MacLeod
VP Security & Risk
Culture Amp’s journey to multi-standard compliance
Culture Amp is a global leader in employee experience. Follow their transformative journey from startup to scaleup, and learn how achieving SOC 2 and GDPR compliance. 
quote icon
Working with AssuranceLab on ESG gave us a clearer perspective on how this standard related to us, and was important for a business of our type.
Chief Compliance & Innovations Officer
Data Zoo case study
Data Zoo case study - ESG compliance
ESG Enlightenment: How AssuranceLab empowered Data Zoo to unlock the untapped potential of Environmental, Social, and Corporate governance (ESG) reporting.
quote icon
Working with AssuranceLab has been a smooth and overall very easy process.
Resh Del
Global Security Director
Transcom case study
Transcom Case Study - Global compliance
Unlocking Efficiency and Confidence Amidst Global Complexities


Show the world your standards earn trust



Trust services criteria to satisfy a broad customer base globally for security, availability, confidentiality, privacy and processing integrity.



A comprehensive, best practice standard for cloud security to achieve Level Two accreditation in the security, trust and risk (STAR) register.



The de facto global and best practice standard for proving secure handling of electronic protected health information (ePHI).


ISO 27001

An international framework to apply a structured and best practice methodology for managing information security.


Consumer Data Right

Access consumer data in Australia’s economy-wide open data regime with Consumer Data Right accreditation.


Custom Frameworks

Manage any compliance obligations from customers, regulators or your own internal risk requirements with custom frameworks.


ESG Reporting

A flexible and lightweight framework to report up to 500+ positive impact activities supporting environmental, social and governance (ESG) objectives.



The global gold-standard for privacy. GDPR is regulated for personal data collected from EU citizens, and an effective framework to satisfy enterprise customers globally.


Blended Audits

Combine two or more compliance frameworks into a single blended audit process without duplication to scale trust, not costs and effort.


We enable better compliance practices globally through innovative solutions

The always-free GRC platform that powers trust for hundreds of technology companies
Leverage Pillar to assess your compliance status, mapping to one or multiple frameworks, and prepare your audit-ready compliance program. Pillar is the most advanced platform for covering multiple standards in one audit process to avoid duplication.

Pillar adapts to your organisation’s unique way of working. Its data model profiles your context, systems, and processes to align your compliance program your own way.

Enable continuous incremental improvement, and audits at your own pace, with Pillar.
Our 40-minute policy generator; a better alternative to cookie-cutter templates
Use PolicyTree to roll out your tailored set of compliance and trust-building documentation adapted to your unique way of operating. Avoid risky reliance on cookie-cutter templates and consultants who don’t necessarily understand the nuances of your company.
After answering a single, comprehensive survey covering all aspects of your compliance program and business, you will receive a complete set of up to 21 fit-for-purpose and ready-to-use policies and your compliance system description.
With a package accessible to startups, there’s no reason to wait for better policies that actually safeguard your future.


Your questions answered

Where is AssuranceLab based?

Our HQ is in Sydney, Australia. We have team members scattered across Australia, New Zealand, Singapore, The US, Europe, China and The Philippines. We work with clients in over 20 countries, bringing our modern approach to auditing that all works asynchronously so you can complete audits at your own pace in your own way. We jump on calls as needed across time zones to provide personalised service and ensure you're on track to achieving your compliance goals.

What countries does AssuranceLab serve?

We have active clients in over 20 countries, including the United States, Australia, New Zealand, Singapore, Hong Kong, the Philippines, Vietnam, the United Kingdom, Ireland, France, India, Slovenia, and the Netherlands.

We can serve clients in any country with our offering of global standards, subject to language requirements and any country-specific regulations.

Does AssuranceLab provide consultancy services?

We do not design or implement our clients’ compliance activities. That’s prohibited for audit firms based on the independence requirements of the standards. We do offer tools and guides to help clients understand what is required and provide feedback on their state of compliance. Our audit services are often viewed as management consultancy to guide our clients on their security, compliance, and operations.

Which regulations and standards does AssuranceLab cover?

We work with clients to issue their attestations, assurance reports, and certifications for: SOC 1, SOC 2, HIPAA, GDPR, CPRA/CCPA, ISO 27001, ISO 27701, ISO 27017, ISO 27018, Consumer Data Right, CSA STAR Level Two, ESG Reporting, GRI Reporting, and CPS 234. We are expecting to add PCI DSS in 2023 and considering HITRUST and the CryptoCurrency Security Standard (CCSS). Our product maps to an additional 12 standards and frameworks including customer specific requirements, NIST and CSC, which are less commonly formally accredited and rather used as guides for your compliance activities. We are a CPA and CA audit firm, a certified CSA STAR Auditor, and an ISO certification body, which provides our credentials for the above standards and services.

Which compliance platforms does AssuranceLab work with?

As an audit firm that needs to retain independence from designing and implementing compliance, we naturally partner with complementary platforms and services companies. Our partners page includes many of these providers. Our only security compliance platform partner is Drata. We discontinued formal partnerships with other platforms to maintain our independence against the concerning market trends, and to optimise our audit process for users of Drata’s leading platform that we use ourselves for our own compliance. We can provide our audit services to clients using any combination of software products, regardless of our formal partnerships and affiliations.


Hear more from our clients

'AssuranceLab always responded to our questions quickly and their explanations were clear and efficient. That helped us better understand our controls and make improvements to make them more efficient and manage compliance better.'
Huy Dang Nguyen
Senior Security Specialist
'AssuranceLab was supportive and responsive throughout the entire process... (their) agile approach fit well. They were always just a phone call away and would match the speed we were going for any given week.'
Tristan Cole
'This flexible process allowed us time to make changes while catering to the business needs. It contributes to making the audit faster, simpler and for us to understand the processes better.'
Adrian Loke
Director of Infrastructure


'AssuranceLab listened to understand our unique issues and helped guide us through the audit process in a way that made sense for us.'

brad-shaw-CEO livepro-90x90px-circle
Brad Shaw


'I couldn't be more pleased with the support from AssuranceLab. They expertly streamlined the SOC 2 Type 1 and Type 2 audits, making the process seamless and efficient. Their deep expertise and guidance were invaluable every step of the way.'

André Duis
André Duis
Technical Executive (CTO Office) - Weaviate


Get started your way

We’re ready when you are

Can’t wait?

Our free products help you get started without any fuss:


The always-free GRC platform that powers trust for hundreds of technology companies.

policytree-tab-button-normal (1)

Our 40-minute policy generator; a new alternative to templates and consultants.