Recently I’ve been chatting more with Chris Stobie, Calm’s Engineering Director of Infrastructure
(obligatory, come work with us!),
about how we can get more value from our compliance work.
As any company starts selling and partnering with larger companies, the size and quantity
of security reviews increase, and fulfilling some of the better-known security regimes
is the most reliable way to reduce that overhead.
To learn a bit from the community, I
tweeted to ask whether folks thought highly of the various related compliance tools and platforms out there,
and I’ve collected the notes here.
Have any of you used something like e.g. Vanta to reduce overhead of SOC 2, ISO 27001 and HIPAA? Better than ye olde spreadsheet? How *much* better?