How SyncMonkey saved $100,000 and hundreds of hours on their SOC 2 project plan

Young woman writes on a white board during a brainstorming session.

SyncMonkey is a Canadian-owned and -operated documentation management platform designed by industry experts. The secure and versatile system serves as a centralized information management application for all technical resources. SyncMonkey’s goal is to simplify your MSP’s day-to-day operations.



  • Go above and beyond to provide information security to their customers without breaking the bank
  • Implement a proactive approach to their security program
  • Build a security program with limited internal resources


  • The ability to automate and track every step of a SOC 2 project
  • A security awareness tool to train and inform an entire team
  • Tracking a compliance program in real-time


  • Over $100,000 saved on internal resources
  • Hundreds of hours of time available to allocate to other projects
  • Security assurance and continuous compliance their customers can see


A need to demonstrate security leadership

SyncMonkey is a centralized information management system that helps hundreds of businesses manage their technical resources.

Serving several IT departments, SyncMonkey understands the importance of information security. Security is also central to their value proposition. While they designed and implemented controls to keep their clients safe, they wanted to go above and beyond.

And that meant taking a proactive approach to their security. That’s when SyncMonkey’s lead project manager, Kevin Schoenewolf, began scoping out a SOC 2 project. 


"I thought we could get SOC 2 ourselves but quickly realized it would take internal resources we couldn’t spare," said Schoenewolf. "I recommended that we hire a compliance officer, but we’re a startup so we have to be mindful of how we allocate our resources,"


Kevin Schoenewolf, Lead Project Manager


Automating SOC 2 from start to finish

When Kevin reached out, he knew exactly what he wanted: A tool that would simplify SOC 2 from start to finish.

That’s exactly what he got.

With dedicated audit readiness software, Kevin was able to automate and track every step of his SOC 2 project in one place. He had access to a library of relevant policy templates, a list of controls he’d need to implement for SOC 2, and integrations that made evidence collection easy.

Now, long after their security program was kicked off, SyncMonkey’s senior leadership team still relies on the software to track compliance and ensure they’re ready for their audit.


"We were even able to provide security awareness training to our whole team through the platform. It’s kept them in the loop, so they know what the policies and procedures are,"


Kevin Schoenewolf, Lead Project Manager


Saving time and money on compliance

Getting SOC 2 is a landmark occasion for any company, big or small. Doing it without hiring a compliance officer or creating extra work for the rest of the team is a bonus. 

SyncMonkey was able to save time and money, both highly valuable commodities for any startup. About $100,000, which is a typical salary for the compliance officer they didn’t have to hire.

Even though the SyncMonkey team is still completing their SOC 2, they’re already scoping out an ISO 27001, putting them in a position to continue to deliver on one of their core promises — delivering a product with market-leading security.


"I do a lot for the organization and the fact that I was able to spearhead this project goes to show you how much time we’ve actually saved, from automation, from templates, from policies,"


Kevin Schoenewolf, Lead Project Manager

You may also like


Third-Party Risk

5 Ways to save time when assessing third parties for privacy and security risks webinar

Join our webinar and learn how to save time and streamline third-party risk assessment throughout the TPRM lifecycle.

October 25, 2023

Learn more


Third-Party Risk

Live demo: Building your third-party risk management program with OneTrust

Explore how OneTrust can help you build an efficient third-party risk management program that streamlines manual processes and uncovers hidden risks.

September 28, 2023

Learn more


Third-Party Risk

Live Demo EMEA: How OneTrust can help advance your third-party risk management program

Join us for a live demo of OneTrust's third-party risk management solution and see how it can help automate and streamline your TPRM program.

September 19, 2023

Learn more