Blog

Insights and expertise from Thoropass

Featured

Introducing NIST CSF, CMMC Level 1 and Cyber Essentials

Strengthen your baseline security posture and align with the latest industry guidance. Our platform and experts are here to help you move forward with clarity and speed.

Learn More

Latest posts

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Compliance /

How ISO 27001 Certification Works: Implementation and Readiness

As a prescriptive regulatory framework, ISO 27001 lays out exactly what controls need to be implemented and functioning for a certification. In our last post, we went into the requirements and controls for ISO 27001. Now, we’ll cover how to implement them, execute an internal audit, and prepare for the external audit resulting in certification.

Read Article

Compliance /

How ISO 27001 Certification Works: ISMS and Gap Analysis

Thinking about expanding your business internationally? Maybe you’re based in the EU and need to get compliant to move upmarket. That means it’s time to talk about ISO 27001 certification. As the international standard for information security and data privacy, ISO 27001 applies to organizations of any size, type, or industry.

Read Article

Compliance /

How much does SOC 2 compliance cost?

If you’re like your competitors, it’s time to factor compliance into your budget. For most tech companies, that means getting and staying SOC 2 compliant. But how much does SOC 2 cost for a business tackling the process for the first time? Taking on SOC 2 can be complicated and expensive unless you plan it correctly.

Read Article
Image of money piled messily on top of a laptop

Compliance /

The SOC 2 compliance audit: A definitive guide

For organizations pursuing SOC 2 compliance, understanding the audit process is crucial for success. While implementing controls is important, effectively navigating the evaluation process that examines those controls is equally essential. This guide focuses specifically on the SOC 2 compliance audit—the systematic evaluation that determines whether your security practices meet the required standards and earn auditor approval.

Read Article

Compliance /

How SOC 2 Compliance Works: Risk Assessment

Welcome back to our series on Laika’s SOC 2 process! It’s time to talk about the risk assessment.ICYMI, we’re giving our audience a sneak peek into the nitty-gritty details of obtaining a SOC 2 report. We earned ours in 2020, we guide our clients through SOC 2 each day, and we’re working to demystify the compliance process.

Read Article
Curated by experts

We provide the compliance expertise, so you don’t have to

At Thoropass, we’re more than a readiness solution. Our team of experts are equipped with insight and hands-on experience to provide you with industry-leading perspective and guidance.

Meet the Experts

Stay connected

Subscribe to receive new blog articles and updates from Thoropass in your inbox.

Thank you for subscribing! Be on the lookout for confirmation in your inbox!
Oops! Something went wrong while submitting the form.

Want to join our team?

Help Thoropass ensure that compliance never gets in the way of innovation.

View open roles

Have any feedback?

Drop us a line and we’ll be in touch.

Contact us
Get Started

Solutions

Get CompliantMaintain ComplianceIT Security Audits

Products & Services

Thoropass AuditCompliance AutomationPentestingThoropass AIAccess ReviewsSecurity QuestionnairesRisk AssessmentTrust CenterIntegrations and APIs

Frameworks

SOC 1SOC 2HIPAAHITRUSTCyber EssentialsGDPRISO 27001ISO 27018ISO 42001CMMC Level 1NIST CSF 2.0PCI DSSOther Frameworks

Industries

HealthcareSaaSFinTechOther Industries

Company

Our DifferenceMeet the ExpertsNewsroomCareersIndependence and ExcellenceBecome a PartnerTrust CenterContact us

Resources

Case StudiesBlogGuidesEventsHelp Center

Legal

MSADPAReport an IssueTerms and ConditionsPrivacy Policy

Leading by Example: Thoropass' Certifications

© Copyright 2025 Thoropass, Inc.