Blended audits scale compliance, not costs

Achieve multiple compliance frameworks, standards and regulations from a single audit process.

soc2-explained-video-cover
SOC 2 STANDARD

Is this the year you grow with SOC 2?

There’s no better standard to baseline your information security and earn trust with a broad customer base.

AssuranceLab is a registered CPA and CA firm ready to help you earn trust with SOC 2 in the US and globally.

We provide end-to-end readiness and audit services, with a cloud-native and agile approach that enables you to work at your own pace.

Contact us book a call
alab-network-countries-and-employees

You’re in great company. We work with hundreds of fast-growing software companies across 13 countries, ranging in size from 2 to 26,000 employees.

alab-network-countries-and-employees-1

You’re in great company. We work with hundreds of fast-growing software companies across 20+ countries, ranging in size from 2 to 26,000+ employees.

BLENDED AUDITS

Are you looking to

cover all bases?

Blended audits combine multiple compliance goals into a single process that removes all the usual duplication.

AssuranceLab is qualified in dozens of frameworks ready to help you earn trust globally.

We provide end-to-end readiness and audit services, with a cloud-native and agile approach that enables you to work at your own pace and achieve accreditations when you need them to grow.

Contact us book a call
alab-soc2-image
Workvivo-logo
Sine-logo
Plexure-logo
salestrekker-logo
Nano-logo
Livepro-logo
Livehire-logo
Inlogik-logo
Humanforce-logo
Fusion-suport-logo
HotDoc-logo
Fileinvite-logo
Data-zoo-logo
Enboarder-logo
Dropsuite-logo
Checkbox-logo
Bravura-solutions-logo
Atlan-logo
rockt-logo

THE BENEFITS

Clear reasons to act

alab-international-credibility-icon

International
credibility

Globally recognised attestations and certifications
to build trust at scale

alab-customer-confort-and-trust-icon

Customer comfort
and trust

Detailed reports addressing crucial
customer due diligence questions

alab-minimal-business-disruption-icon

Minimal business
disruption

Agile and flexible audits that help minimise the disruption while meeting client deadlines

alab-choice-of-goalposts-icon

Choice of
goalposts

Flexible scope to satisfy various customer expectations and compliance goals

alab-multi-standard-compliance-icon

Multi-standard
compliance

Remove all the duplication while achieving multiple overlapping compliance outcomes

alab-recognition-of-partial-progress-icon

Recognition of
partial progress

The ability to achieve compliance outcomes
with outstanding issues or process improvements

THE PROCESS

Four Steps to Blended audits

left arrow right arrow
Readiness Assessment

Readiness Assessment

We built Pillar so you can assess your compliance with 30+ global standards. It helps you get started with a tailored view of your controls and any gaps to prepare for our compliance audits for one or more frameworks. And, Pillar is always free.

Remediation Support

Remediation Support

We guide you as you address any gaps and implement fit-for-purpose processes that align with your way of operating while meeting your chosen compliance requirements. Our flexible and responsive team helps you work through it at your own pace.

First Goalpost

First Goalpost

You can optionally start with a single framework with a Type 1 or Type 2 style attestation. That starts building trust with your customers before tackling your broader compliance goals. 

Add-On Frameworks

Add-On Frameworks

You can combine many frameworks into a single audit process and achieve the outcomes at your own pace. When the requirements for each is met, we can issue those accreditations individually or hold to combine them to suit your preference.

Get started your way.
We’re ready when you are!

contact us

FAQ

Your questions answered

How do blended audits save costs?

Compliance frameworks, standards and regulations all have a lot of overlap. Whether your compliance is focused on financial regulations, security standards, privacy regulations, or environmental, social and governance (ESG), there is a lot of overlap in the business activities that support compliance. Combining those with a unified assessment, linkages to those respective compliance requirements, and through a single audit process that utilises the same evidence, takes out a lot of time and effort for both your team and ours.

How many frameworks can we combine?

The only limit to how many frameworks we can combine is the list of 30+ global standards we're qualified to accredit. It's common for our clients to combine SOC 1, SOC 2, ISO 27001, HIPAA, GDPR, CCPA, and ESG Reporting, in particular. We currently have clients combining up to seven (7) frameworks with us and seeing a large increase in the number of clients we have engaging us for these blended audits.

What if I need separate timing for different compliance goals?

No problem!

Our in-house built platform - Pillar - powers our audits with a flexible and collaborative approach. It links your tailored set of controls to all of the respective frameworks you may choose to pursue. Within Pillar's boards you can see your progress to each framework throughout the process, and filter and prioritise as needed for specific compliance timelines and targets. When each one reaches 100% we are ready to accredit or report on that framework, which we can do individually or in combination to suit your preferences and requirements.

Can we reduce the audit work by using a compliance platform?

Yes. Compliance platforms like Drata provide automation to verify and monitor your controls and centralise other evidence gathering activities for the audits. They also cover multiple frameworks - subject to licensing - to use the same controls and evidence across multiple compliance goals. We can leverage that during the audit process accordingly to cover many of the requirements.

AVAILABLE STANDARDS

Earn trust with leading standards

See all frameworks →

alab-blended-audits-icon

SOX ITGC

Satisfy publicly listed customers regulated by Sarbanes Oxley and supporting financial reporting requirements.

READ MORE ➔
alab-hipaa-icon

HIPAA

The de facto global and best practice standard for proving secure handling of electronic protected health information (ePHI).

READ MORE ➔
alab-custom-framework-icon

Custom Frameworks

Manage any compliance obligations from customers, regulators or your own internal risk requirements with custom frameworks.

READ MORE ➔
alab-iso-27001-icon

ISO 27001

An international framework to apply a structured and best practice methodology for managing information security.

READ MORE ➔
alab-csa-star-icon

CSA Star

A comprehensive, best practice standard for cloud security to achieve Level Two accreditation in the security, trust and risk (STAR) register.

READ MORE ➔
alab-cdr-icon

Consumer Data Right

Access consumer data in Australia’s economy-wide open data regime with Consumer Data Right accreditation.

READ MORE ➔
alab-esg-icon

ESG Reporting

A flexible and lightweight framework to report up to 500+ positive impact activities supporting environmental, social and governance (ESG) objectives.

READ MORE ➔
alab-gdpr-icon

GDPR

The global gold-standard for privacy. GDPR is regulated for personal data collected from EU citizens, and an effective framework to satisfy enterprise customers globally.

READ MORE ➔
alab-soc1-sox-itgc-icon

SOC 2

Trust services criteria to satisfy a broad customer base globally for security, availability, confidentiality, privacy and processing integrity.

READ MORE ➔
alab-gdpr-icon

GDPR

The global gold-standard for privacy. GDPR is regulated for personal data collected from EU citizens, and an effective framework to satisfy enterprise customers globally.

READ MORE ➔

GET IN CONTACT

Get started your way

We’re ready when you are

BOOK A CALL

Can’t wait?

Our free products help you get started without any fuss:

pillar-tab-button-normal

The always-free GRC platform that powers trust for hundreds of technology companies.

READ MORE ➔
policytree-tab-button-normal (1)

Our 40-minute policy generator; a better alternative to cookie-cutter templates.

READ MORE ➔