|
|
|
|
|
|
by jronald
738 days ago
|
|
|
For the first SOC2, I don't hold this against a startup (I appreciate they are going through the efforts this early). Would want to see it become 6 month/1 year as the program matures. A vendor like this is low risk (aggregator of "public" information, limited data sharing, etc). I have all sorts of issues with Vanta/Drata "compliance as a service" tools, but adequate for something like this, at this point in time. |
|
|