SOC 2 Compliance Across Continents

How Sensiba helped 3rdRisk achieve SOC 2 compliance through industry partnerships.

3rdRisk is Europe’s leading cloud platform for third-party risk and compliance operations, located in Amsterdam, Netherlands. They offer a platform designed to evaluate and monitor suppliers across various risk domains, including cybersecurity, sustainability, and compliance. Using AI and other technologies, the platform automates routine tasks and recurring activities, enhancing efficiency and accuracy.

  • SOC 2

Challenge

Driven by business growth and client requirements, 3rdRisk undertook its SOC 2 compliance audit with Sensiba and Drata.

Speaking for 3rdRisk as a third-party risk management platform, Jelle Groenendaal, Co-founder and CMO, stated that for them, “SOC 2 was the preferred framework as it better suited our business needs and goals, as well as looks at how our systems operate.

“We have a lot of data coming through our business by the nature of the work we do, and we wanted to ensure we could show clients the security practices we have in place.”

“For other companies in the Netherlands looking at SOC 2, we would recommend Sensiba to conduct the audit.”

Jelle Groenendaal, Co-founder and CMO, 3rdRisk

Solution

After completing their initial SOC 2 review, 3rdRisk started on Sensiba’s continuous audit model. This worked well for the team at 3rdRisk because it was clearly defined each month which controls were the main focus.

Groenendaal said this helped the team “stay focused and consider only what was necessary each month, rather than becoming overwhelmed.”

Following the continuous audit model meant 3rdRisk had completed testing soon after the audit period ended, so they achieved their SOC 2 audit within their tight client deadlines.

With 3rdRisk based in Europe, Drata in the U.S., and Sensiba’s audit team in Australia, this audit was conducted across three continents.

When it came to working with Sensiba, the team at 3rdRisk had no concerns about geography or potential time differences. The team at Sensiba were easy to get a hold of, there was no difficulty booking meetings, and the team responded quickly, clearly, and comprehensively to audit queries.

Result

After their SOC 2 audit experience, the team at 3rdRisk would recommend SOC 2 compliance to all SaaS companies, using Sensiba as the main audit partner. Groenendaal highlighted that after achieving their SOC 2 attestation, 3rdRisk has expanded and grown their business significantly.

Through the Drata Starter continuous audit program, 3rdRisk was able to achieve their SOC 2 compliance to meet tight client deadlines. With Drata as the compliance automation platform and Sensiba as the lead auditors, the audit process ran smoothly. 3rdRisk has enabled business growth through its SOC 2 attestation and is an advocate for other SaaS companies to understand their SOC 2 audits.

It should be noted that SOC 2 is not the only security framework, and companies can expand their compliance with ISO/IEC 27001.
