Thoropass
ThoropassReviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
562 reviews
from
External reviews are not included in the AWS star rating for the product.
Thoropass simplifies the compliance process with its skilled support and seamless handoff to audit.
What do you like best about the product?
I liked that I did not have to find my audit partner and then explain to that partner where all the evidence was located. Thoropass made that effort very easy.
What do you dislike about the product?
On one occasion, the audit team and the customer service team were not on the same page, and that caused some temporary grief.
What problems is the product solving and how is that benefiting you?
Thoropass has helped us to assess our SOC 2 Type II compliance. We will share the report with our customers to prove our compliance efforts are strong and ongoing.
Changing for the best
What do you like best about the product?
I enjoyed working with this platform. In our case we have started working with a different platform, making little progress. Switching to Thoropass was the best decision we could have made.
What do you dislike about the product?
They don't have a live chat. Some errors happen when editing policies.
What problems is the product solving and how is that benefiting you?
Tracking the status of tasks, controls and activities.
Speedy response and great communication
What do you like best about the product?
Good communication with the team, speedy response and completion of deliverables
What do you dislike about the product?
Price as a small business is always a factor
What problems is the product solving and how is that benefiting you?
Pen Testing and Audit for SOC II
Superior to Vanta/Drata, but still room for improvement
What do you like best about the product?
With Thoropass, you have hands-on help to get over the audit hump. The pre-provided reports are great if you've never had a SOC audit before, the testing coverage is broad and the team is extraordinarily helpful. You get the distinct feeling that these folks were auditors first, and software developers second, rather than the other way around.
We arrived having already established our procedures and controls from a traditional audit and had built our engineering processes around those controls. Some of them did not align with the default policies, so we worked with the team to adjust the controls to match making sure the SOC standard was adhered to. This allowed us to stick with our original policy docs that our team was already trained around.
Further, the team continues to meet with you throughout the year so that the Type 2 audit is a breeze and virtually all the materials have been collected over the period already.
Major distinction from Vanta/Drata: they don't insert expensive systems into your AWS or Azure environment for continuous monitoring. I've heard those folks end up costing their customers a lot just in increased AWS costs.
Also, the price is exceptional.
We arrived having already established our procedures and controls from a traditional audit and had built our engineering processes around those controls. Some of them did not align with the default policies, so we worked with the team to adjust the controls to match making sure the SOC standard was adhered to. This allowed us to stick with our original policy docs that our team was already trained around.
Further, the team continues to meet with you throughout the year so that the Type 2 audit is a breeze and virtually all the materials have been collected over the period already.
Major distinction from Vanta/Drata: they don't insert expensive systems into your AWS or Azure environment for continuous monitoring. I've heard those folks end up costing their customers a lot just in increased AWS costs.
Also, the price is exceptional.
What do you dislike about the product?
We ran into some issues with the actual auditors not wanting to find a policy in our documents because our documents weren't their default standard documents. The tool asks you to link the policy for the auditor to review and many times the auditor came back asking us to screenshot the exact place in the documents where the policy existed rather than reading it themselves. I would have preferred that they reviewed our documents thoroughly before asking for assistance.
What problems is the product solving and how is that benefiting you?
Helps us stay SOC compliant without a huge annual auditor headache
Communication was top notch
What do you like best about the product?
Thoropass has had the best communication for the pentest process compared to any other vendor we've used. They make everything simple and easy by offering options for communication based on what works best for you. Retest scheduling was beyond easy and very fast.
What do you dislike about the product?
We haven't had any issues or dislikes occur with Thoropass yet.
What problems is the product solving and how is that benefiting you?
Thoropass performs our pentest annually and keeps the process simple by providing timely communication and customization of how you receive these updates.
Excellent Service!
What do you like best about the product?
Thoropass Staff were able to work with us to guide our growing company through the SOC 2 Type 2 Process to help us achieve a completed report. Their staff were friendly, responsive, professional, and very competent. Thank you very much, Thoropass!
What do you dislike about the product?
When working in SOC2 Type1, there were some times when there were some slow - loading pages, but those problems have been completely fixed and no longer happen on their platform. A++ rating!
What problems is the product solving and how is that benefiting you?
We needed to complete a SOC 2 Type 2 Authorization within a tight deadline, and their system and team guided us through the process.
Compliance simplified
What do you like best about the product?
Thoropass provides an easy-to-use portal, well-architected policies and procedures, and an excellent success plan that makes adoption and maintenance easy. The success team is quick to address questions and provide documentation to help with education and navigating compliance.
Thoropass has become our main portal for all compliance documentation and training, they even helps with our on boarding and off-boarding checklists.
Thoropass has become our main portal for all compliance documentation and training, they even helps with our on boarding and off-boarding checklists.
What do you dislike about the product?
Downsides are occasional integration breaks between systems that require reauthentication.
What problems is the product solving and how is that benefiting you?
Thoropass provides consistency in our process managment and eases our system audits. As a compliance partner, they are instrumental in validating our commitment to customers in data security.
Seamless SOC 1 Audit Experience with Outstanding Support!
What do you like best about the product?
Thoropass provided an intuitive platform that streamlined our SOC 1 Type 1 audit process, with standout features like the Road Map, Policy Management and Task Assignments that kept us organized and on track. The exceptional support from their Customer Success Manager, Victoria Chervinska, made the entire experience efficient and stress-free.
What do you dislike about the product?
Honestly, we didn’t encounter anything negative during our experience with Thoropass. The platform exceeded our expectations, and the support we received was great.
What problems is the product solving and how is that benefiting you?
Thoropass solved the complexities of our SOC 1 Type 1 audit by providing an intuitive platform with features like Tasks, the Road Map, and Policy Acknowledgments. These tools streamlined compliance efforts, kept our team aligned, and made managing the audit process efficient and stress-free.
Communicative and knowledgeable
What do you like best about the product?
What I like most about Thoropass is the ease and timeliness of communication. The team that has been assigned to our organization is always responsive and helpful.
What do you dislike about the product?
We haven't noticed any downsides. There are features that could be more fleshed out but that is a matter of time.
What problems is the product solving and how is that benefiting you?
We are conducting SOC and HITRUST audits. The Thoropass platform has made it easy to keep track of all our documents and evidence.
SOC2 Compliance Made as Easy as Possible
What do you like best about the product?
I appreciated having the Thoropass portal as a centralized repository to store all of our documentation. It also served as a guide to ensure we completed everything necessary in a timely manner. Having a personal contact to meet with regularly was also very helpful. RJ and Ritu were always available to address any questions we had along the way.
What do you dislike about the product?
I felt the tasking and notifications area of the portal could be more robust. However, they are planning an update to enhance those features soon.
What problems is the product solving and how is that benefiting you?
We engaged Thoropass to help us prepare for an AICPA System and Organization Control 2 (SOC 2), Type 1 audit for the Security and Availability Trust Services Criteria. This includes conducting a gap assessment and ordering a remediation plan
consisting of policies, procedures, management practices, and required controls to satisfy the requirements of an audit. Essentially, they are helping us streamline the process of obtaining our SOC 2 Type 2 certification.
consisting of policies, procedures, management practices, and required controls to satisfy the requirements of an audit. Essentially, they are helping us streamline the process of obtaining our SOC 2 Type 2 certification.
showing 151 - 160