Overview
Clario is singularly focused on equipping mid-sized marketers with the same data, machine learning, and expertise the giants are using today to run radically customer-centric organizations whose growth is fueled by scientific experimentation, measurement, and automation.
Services Provided
- SOC 2 Readiness Platform: Vanta
- SOC 2 Type II Audit
Challenge
Clario, Inc. is a growing SaaS company, building the most intelligent audience automation platform for marketers. As a tech company, Clario understands the importance of maintaining data security, and effective policies and procedures. As they continue to build market momentum, providing customers objective evidence about Clario’s commitment to security has become increasingly important (and often a requirement) in competing for deals and responding to RFPs.
Solution
SOC 2 Readiness
Clario had considered a SOC 2 audit in the past, but, between the lack of viable readiness tools and high costs, it couldn’t justify the investment. But with the increased availability and affordably of readiness platforms in recent years, the company gained new options.
After a careful evaluation, Clario selected the Vanta readiness platform. Along with a smooth onboarding process, Vanta offers direct integration with Amazon Web Services, the cloud-based infrastructure Clario uses, as well as automated evidence collection, controls assessments, and real-time monitoring to establish a compliance baseline and prompt corrective actions that improve the company’s security posture.
SOC 2 Type II Audit
In addition to evaluating SOC readiness platforms, Clario evaluated firms to perform their SOC 2 audit. Clario wanted an audit partner not only with technical expertise, but that was aligned with its culture and work style. Clario partnered with Sensiba to conduct the examination and testing required for its SOC 2 Type 2 audit, based on compatibility between the teams.
“Sensiba was definitely a good fit in that regard,” says Dan Reiland, Clario’s Director of IT Operations. “The Sensiba team was incredibly forthright. They were collaborative and willing to answer a variety of questions even before they were selected. Throughout the observation period, they were responsive about providing context and validation, and they completed the audit without wasting any time.
Result
Clario has a successful SOC 2 Type 2 Audit Report, which provides objective confirmation that the company’s security processes and controls are effective.
Equally important, the company has sustainable processes and an enhanced ability to reassure customers about protecting their data — as well their customers’ data. The company is better able to conduct ongoing risk assessments, and to adjust its policies and procedures quickly as conditions change.
“We have a meaningful compliance regime and security controls, and we know we can speak confidently about those to clients,” Reiland says. “Being able to provide that level of comfort goes a long way. We also have external validation that our controls are appropriate and performing as designed. There’s an additional comfort that was worth the effort of obtaining the audit.”
Looking back, Reiland says the process was smooth and he wishes Clario had undergone the SOC 2 audit sooner. He also says it’s important to be selective when evaluating tools and partners to help.
“The readiness platform is important, but companies should also be choosy as they interview auditors,” he says. “There’s value in those direct human interactions. It’s not necessarily just about cost. Taking the time to find the right fit is important.”
Ready to get started?
Find out how our Risk Assurance team can help you with your compliance. Contact us to learn more about how we can work together toward your goals.
