Hey dear HN community, more and more of our (enterprise) customers are asking for ISO27001 / SOC2 certifications.
Do you have any recommendations about where to start?
👤 orbz Accepted Answer ✓
Get a demo from Vanta, SecureFrame and Drata, pick one and they’ll hold your hand throughout the process. It’s not cheap (even without using one of those), but it makes life easy.
👤 e1g
Some auditor recommendations from personal experience:
The top tier is Coalfire and Schellman, but you are looking at $100k in auditor fees. More affordable are BARR and A-LIGN. If you are happy to have multiple vendors, KPP for SOC2 and BSI for ISO.