AssuranceLab is the leading provider of SOC 2 audit services in Australia and New Zealand. SOC 2 is a cybersecurity audit standard that prepares a report to stakeholders on the design and operational effectiveness of the operational controls of a business.
Cyber Security, Assurance, Audit
• Assessment time reduced from 7 business days to 1 hour
• Conversion increased from 13.5% to 43%
• 75% higher instances of gap control identification
See how Checkbox fits in within your organization
"Compared to Checkbox's no-code platform competitors; the leadership and team proficiency was a standout, giving us confidence in the future direction of the company and the support we could expect on our digital transformation journey."
As an emerging consultancy provider, AssuranceLab entered the market at the right time for their SOC 2 cyber security services. However CEO Paul Wenham stated that because of this they couldn't keep up with the demand for their services.
"Our choice was to hire additional consultants while our future case flow was uncertain, or to look to automation. We chose automation; not only because it was cheaper, but also because it provided various quality and consistency benefits that would be key to scaling our high-quality, client-centric services."
Wenham stated that consultants in cyber security, assurance, and audit, often rely on a good understanding of each client business which involves a very broad operational focus and relies on multiple, often many, client contacts.
Collecting that information manually is time consuming, prone to error, and is full of ambiguity. Consultants get lost in detail and then are unable to make sense of it all. The common criticisms of consulting providers are; they're expensive, not available when you need them, and hit or miss on quality.
Through Checkbox, AssuranceLabs remedied their pain points by automating data complete assessments in their own time. This gave the company both a dear picture of the business and a high quality, consistent method of turning their data inputs into actionable outputs connected with their services goals.
"What every good consultant does is collect information, apply a logical assessment of that, and provide an output or recommendation accordingly. So our solution essentially automates the role of a good consultant, allowing our team to focus on client relationships, additional guidance and areas we can add value."
Initially AssuranceLabs was looking to build on Excel however Wenham stated that "the obvious advantages of a platform such as enhanced security, version control, and user-friendly features like dashboards, and tracking in-progress and completed assessments" made it a good fit.
"As a more modern platform, the simplicity of building apps in Checkbox was evident. In my view, that’s what differentiates mediocre and great software. It’s often the simplest functions that are the most powerful when used in creative ways to solve real problems."
Within the first few months AssuranceLab's core "Readiness Assessment" solution that identifies any compliance gaps, documents and maps the clients control activities to the compliance criteria (SOC 2 Trust Services Criteria) has reduced consultants average per assessment time from 5-7 business days to less than 1 hour. Wenham states that clients' time has been reduced from 2-3 business days to roughly about 1.5 hours and conversion rates have improved from 13.5% to 43% post completion of the free assessment. Furthermore, average lead conversion time frame reduced from 4.2 months to 2.1 months since implementation.
The company has also experienced 75% higher instances of control gap identification and 30% higher instances of control identification. For Auditors and consultants, the implementation of these new automation solutions has reduced time spent on audit phases by 40%. They have also experienced 65% fewer audit quality review points attributed to the quality and consistency benefits.
Wenham has stated that the Readiness Assessment solution has helped the company accurately identify the scope of the system with various outputs to populate. "We receive a lot of positive feedback from our clients on our quality of service, that our modern and innovative approach differentiates us from all of our competitors, and the seamless interactions with our team. While they aren't directly attributed to our Checkbox solutions, it's a core part of our offering that obviously plays a role in that."
Our Checkbox solutions have moved faster than our core services business. We've automated the assessment for various other security and privacy standards like ISO 27001, HIPAA, GDPR, the Consumer Data Right Accreditation for Open Banking, and SOC 1, on top of our initial SOC 2 assessment. As a small business we need to be selective about where we offer services, so at this stage we have the automation before we're actually providing all of those services.
So the future of our Checkbox solutions is really pending the evolution of our business, but it enables a new mentality knowing whatever area we go into we can start with a competitive advantage of this valuable automation.