How Secureframe Revolutionized Our ISO 27001 Compliance Process
What do you like best about the product?
We used Secureframe to streamline our ISO 27001 compliance efforts. Before that, we worked with consulting companies that either had their own, not-so-great compliance tools or had us managing everything manually with Excel files and Dropbox—an incredibly tedious process. A colleague recommended Secureframe, and it’s been a complete game changer for us.
The integration features are outstanding. We connected it to our Azure account (and other SaaS platforms we use), and it immediately identified configuration changes we needed to make. The system provided easy-to-follow instructions to help us harden our setup and ensure compliance with our policies. This automation not only made the process smoother, but it also simplified showing evidence of controls to auditors.
Secureframe’s built-in content management system for policies is another great feature. It tracks version history and allows employees to log in and review policies based on their roles. This ensures everyone is reviewing the required policies annually for compliance.
I also found the Vendor section extremely useful. It enables us to assess and rate the risks associated with our suppliers and keep track of their compliance documents. The integrated risk register is another standout feature. While I could go on about many more features, these are the ones that have been particularly impactful for us.
We just completed our annual surveillance audit, and it went incredibly smoothly. Our external auditor, who’s quite old-school, was initially skeptical of Secureframe, especially its ability to integrate with our systems and provide real-time compliance evidence. By the end of the audit, he said it was the best compliance tool he’d ever seen and planned to recommend it to his clients.
If that wasn’t enough, their support team is fantastic. Our Customer Success Manager, Brandon, is super responsive, often replying to emails within the hour. If he can’t address something immediately, he loops in his team, and they follow up just as quickly.
We couldn’t be happier with Secureframe and are excited to expand its usage as our business scales and we explore support for more frameworks.
The integration features are outstanding. We connected it to our Azure account (and other SaaS platforms we use), and it immediately identified configuration changes we needed to make. The system provided easy-to-follow instructions to help us harden our setup and ensure compliance with our policies. This automation not only made the process smoother, but it also simplified showing evidence of controls to auditors.
Secureframe’s built-in content management system for policies is another great feature. It tracks version history and allows employees to log in and review policies based on their roles. This ensures everyone is reviewing the required policies annually for compliance.
I also found the Vendor section extremely useful. It enables us to assess and rate the risks associated with our suppliers and keep track of their compliance documents. The integrated risk register is another standout feature. While I could go on about many more features, these are the ones that have been particularly impactful for us.
We just completed our annual surveillance audit, and it went incredibly smoothly. Our external auditor, who’s quite old-school, was initially skeptical of Secureframe, especially its ability to integrate with our systems and provide real-time compliance evidence. By the end of the audit, he said it was the best compliance tool he’d ever seen and planned to recommend it to his clients.
If that wasn’t enough, their support team is fantastic. Our Customer Success Manager, Brandon, is super responsive, often replying to emails within the hour. If he can’t address something immediately, he loops in his team, and they follow up just as quickly.
We couldn’t be happier with Secureframe and are excited to expand its usage as our business scales and we explore support for more frameworks.
What do you dislike about the product?
While Secureframe covers all of our major cloud and SaaS providers, I do wish there were a few more integration options available, and in some cases, I’d like the existing integrations to be a bit more robust.
What problems is the product solving and how is that benefiting you?
Secureframe is helping us streamline and automate our ISO 27001 compliance process, significantly reducing manual tasks and simplifying audits. By integrating with our cloud and SaaS platforms, it provides real-time insights into our compliance status, ensures our systems are secure, and makes it easier to demonstrate evidence to auditors. This has not only saved us time and effort but also increased our overall efficiency and confidence in staying compliant.