Case Study

SOC 2 in 30 Hours: How Laika Made Compliance Quick and Painless for Trace

October 29, 2020

Laika

Trace makes purchasing smarter and easier for businesses like NetSuite, Intacct, and QuickBooks. The company’s platform manages the purchasing process, allowing finance teams to focus on making more strategic financial decisions.

It’s no surprise that when Trace decided to pursue their first SOC 2 audit, they sought outside expertise to make the process as quick and painless as possible. With Laika’s help, Trace went from zero compliance to a SOC 2 audit final report in hand within Q1.

We spoke with Martin Destagnol, CTO of Trace, to learn more about how Laika made Trace’s first SOC 2 audit such a success.

Trace Needed a SOC 2 Audit to Effectively Go-to-Market

Trace knew a SOC 2 audit would help them meet prospect expectations and build trust in those initial conversations. The problem was that this was Trace’s first audit, and they didn’t know where to begin.

They did, however, have an idea of what to expect. Trace had watched other startup teams struggle with their first steps into compliance. Some companies spent up to a year trying to complete their first SOC 2 audit.

“It was really important for us, especially from a customer acquisition perspective, to prove that we were doing stuff the right way. SOC 2 is something our customers really value, so it is something we really value.”

Trace knew that if they didn’t want their first SOC 2 to be a massive, time-consuming ordeal, they needed help. And not help from just anyone. They knew they needed experts they could trust, who understood the unique challenges of compliance from the startup perspective. They also wanted someone who would work as an extension of their team.

Even better, Trace’s ideal SOC 2 solution would bring to the table technology that reflected the values of their own product. They wanted to work with a platform that would simplify an already complex process, not make it more complicated.

Laika Helped Trace Start Their SOC 2 from Scratch

Trace turned to Laika for help achieving their first SOC 2 audit. They built their entire compliance program foundation from scratch in Laika Knowledge Base with Laika Concierge.

Knowledge Base: Trace’s Compliance Hub

The Knowledge Base platform served as Trace’s central hub for compliance. It provided templates, tasks, and everything needed to make immediate progress on preparing for their SOC 2 audit.

Laika’s Knowledge Base segmented Trace’s SOC 2 requirements into actionable tasks, making the entire process much more manageable and concrete. Not only could Trace track their progress through these lists of tasks, but they also got visibility into the entire project, allowing them to understand the scope of their undertaking.

Concierge: Trace’s SOC 2 Project Manager

Our Laika Concierge experts worked as an extension of the Trace team to design and implement SOC 2 controls. We helped them improve their data protection and security. We were also available 24/7 to answer Trace’s questions and make stage-appropriate recommendations based on the team’s unique needs and challenges.

“To have a team that has done it so many times, that can do it with you, is such a great value-add. It wasn’t just being in front of an interface and going through the pain. I really felt [that] every time we had an open question, the team would come back quickly with a solution. It really felt like we were not on our own.”

The concierge team didn’t just help Trace prepare for the auditor; they also advocated for them throughout the entire audit process. Laika’s experts managed the relationship with the auditor, asking the right questions, and ensuring that everything stayed on track.

With Laika, Trace Achieved SOC 2 Compliance in Only 30 Hours of Work

“I was expecting the audit to be challenging for us. But what really happened was ‘Here is the first draft of your report.’ I was like ‘What!?!’”

SOC 2

With Laika’s help, Trace completed their first SOC 2 audit within Q1, with very little burden on their team. This not only opened a whole new segment of high-value customers but also freed up the Trace leadership to focus on other priorities.

In total, it took Trace less than 30 hours of work over Q1 to complete the audit. Laika shouldered the bulk of the commitment in audit prep and through audit management to a final report.

Because Laika anticipated the auditor’s demands, Trace didn’t have to experience the back-and-forth that usually slows SOC 2 audits to a crawl. The auditor had only one ask of the Trace team, and it was for a document needed from Google.

The Laika platform continues to serve as a long-term repository for Trace’s compliance. It stores all of their policies, documentation, and goals to make it easy for Trace to answer customer security questions and to make all future audits go just as smoothly as the first.

What’s Next for Trace?

Laika didn’t just make the SOC 2 audit quick and painless for Trace; we also worked with Trace to strengthen their data protection and security and set up Trace’s compliance to easily scale and grow along with the rest of the startup.

Now, Trace’s compliance evolves with the company as they move upmarket. This makes it easier for Trace to complete annual SOC 2 audits and add compliance to meet customer expectations. In the meantime, Trace uses its SOC 2 status to build credibility with prospects and prove a strong commitment to data security.

“It really impacts us significantly. When you are starting a company like this and you are connecting to [your customers’] financial workflows, you need to build trust. Having a SOC 2 is so helpful in our conversations.”

As Trace continues to grow, Laika stands by to answer questions and provide guidance on how to shape the future of Trace’s compliance.

Ready to start your compliance journey? Team up with Laika to do it right.

Stay in touch