SyncMonkey

How SyncMonkey saved $100,000 and hundreds of hours on their SOC 2 project plan

Young woman writes on a white board during a brainstorming session.

SyncMonkey is a Canadian-owned and -operated documentation management platform designed by industry experts. The secure and versatile system serves as a centralized information management application for all technical resources. SyncMonkey’s goal is to simplify your MSP’s day-to-day operations.

 

Highlights

 

Challenges

  • Go above and beyond to provide information security to their customers without breaking the bank
  • Implement a proactive approach to their security program
  • Build a security program with limited internal resources

 

Solutions

  • The ability to automate and track every step of a SOC 2 project
  • A security awareness tool to train and inform an entire team
  • Tracking a compliance program in real-time

 

Results

  • Over $100,000 saved on internal resources
  • Hundreds of hours of time available to allocate to other projects
  • Security assurance and continuous compliance their customers can see

 

A need to demonstrate security leadership

SyncMonkey is a centralized information management system that helps hundreds of businesses manage their technical resources.

Serving several IT departments, SyncMonkey understands the importance of information security. Security is also central to their value proposition. While they designed and implemented controls to keep their clients safe, they wanted to go above and beyond.

And that meant taking a proactive approach to their security. That’s when SyncMonkey’s lead project manager, Kevin Schoenewolf, began scoping out a SOC 2 project. 

 

"I thought we could get SOC 2 ourselves but quickly realized it would take internal resources we couldn’t spare," said Schoenewolf. "I recommended that we hire a compliance officer, but we’re a startup so we have to be mindful of how we allocate our resources,"

 

Kevin Schoenewolf, Lead Project Manager

 

Automating SOC 2 from start to finish

When Kevin reached out, he knew exactly what he wanted: A tool that would simplify SOC 2 from start to finish.

That’s exactly what he got.

With dedicated audit readiness software, Kevin was able to automate and track every step of his SOC 2 project in one place. He had access to a library of relevant policy templates, a list of controls he’d need to implement for SOC 2, and integrations that made evidence collection easy.

Now, long after their security program was kicked off, SyncMonkey’s senior leadership team still relies on the software to track compliance and ensure they’re ready for their audit.

 

"We were even able to provide security awareness training to our whole team through the platform. It’s kept them in the loop, so they know what the policies and procedures are,"

 

Kevin Schoenewolf, Lead Project Manager

 

Saving time and money on compliance

Getting SOC 2 is a landmark occasion for any company, big or small. Doing it without hiring a compliance officer or creating extra work for the rest of the team is a bonus. 

SyncMonkey was able to save time and money, both highly valuable commodities for any startup. About $100,000, which is a typical salary for the compliance officer they didn’t have to hire.

Even though the SyncMonkey team is still completing their SOC 2, they’re already scoping out an ISO 27001, putting them in a position to continue to deliver on one of their core promises — delivering a product with market-leading security.

 

"I do a lot for the organization and the fact that I was able to spearhead this project goes to show you how much time we’ve actually saved, from automation, from templates, from policies,"

 

Kevin Schoenewolf, Lead Project Manager


You may also like

Webinar

Third-Party Risk

Staying vigilant: 7 practical tips for ongoing third-party risk monitoring

In this webinar, we'll share seven practical tips for effective third-party risk monitoring, helping you to identify new risks and take timely action to protect your business.

August 02, 2023

Learn more

Webinar

Third-Party Risk

Automating third-party management workflows: 5 ways to drive alignment across teams

Join us as we explore how automating third-party management workflows streamlines processes, drives alignment across teams, and reduces reduntant work.

July 19, 2023

Learn more

Webinar

Third-Party Risk

Are your third parties a privacy compliance liability? 5 tips to reduce your exposure

Join our webinar and learn how to create an effective, privacy-focused third-party risk management (TPRM) program that streamlines recordkeeping and reduces your risk exposure.

July 05, 2023

Learn more