Trust Drata’s Pre-Vetted Auditor Network

It’s never too soon to build a relationship with an audit firm. Visit the listings below and click “contact us” to get the relationship started.

360 Advanced

360 Advanced

360 Advanced is a relationship-focused cybersecurity and compliance firm offering integrated compliance solutions customized to meet your business needs. We work with organizations that are seeking to assure data security, privacy, compliance, and processing integrity. Our open communication policy helps to facilitate a more thorough assessment of an organization’s IT security.
(0)
ARORA Solutions LLC

ARORA Solutions LLC

Getting You ISO 27001 and HITRUST Ready - Our team evaluates your security compliance controls and sets you up with a roadmap for Certification, Security and Success. Our Mission ARORA Solutions is a human-centric auditing and technology company focused on delivering security, health and peace to people and organizations. We are one of a select few HITRUST Readiness Licensees and have a team of expert ISO Lead Auditors and Management Systems Implementers. ARORA Solutions offers an array of security and compliance services and tools for companies in numerous areas, including health, sustainability, IT, manufacturing, non-profit and business sectors. * ISO 27001 Internal Audit and Certification Readiness * Drata Compliance Automation Quality Assurance * Top Management Coaching and Support for CISOs, CSOs, CIOs and IT Managers * Outsourced GRC (Governance, Risk & Compliance) Teams * Security-as-a-Service / vCISO * HITRUST Readiness Assessments and Remediation Services * ISO Management Systems Certification Consulting Support for ISO 27701 (Privacy Information Management Systems), ISO 22301 (Business Continuity Management Systems), and ISO 22000 (Food Safety Management Systems) * Virtual Internal Security Audits and Assessments * Contract Auditing for Third-Party Certification Bodies * Development Consulting and pro-bono work for NGOs, community-based organizations and developing world institutions.
5.0 (1)
Aprio, LLP

Aprio, LLP

Aprio is a top 35 public accounting firm with multiple offices across the globe. As one of the few firms that can offer ISO, SOC reporting, HITRUST and PCI Data Security Standard compliance, Aprio’s process is designed to streamline reporting for clients that must manage multiple certifications. Aprio can be your one-stop compliance partner.
(0)
AssuranceLab

AssuranceLab

AssuranceLab is your modern cyber security audit partner. Unlock new opportunities and power your international growth with trust. We have developed a modern, cloud-native approach to carry out cybersecurity audits in your business efficiently. While you can always opt for one-off audit engagements as needed, we also offer monthly compliance packages that empower you to create a culture of trust and continuous, incremental improvement across your operations. Our clients use security and compliance accreditations to: * Grow revenue globally * Improve security and operations * Satisfy customer requirements * Reduce the friction for enterprise * Build trust with stakeholders We’ve invested the last five years developing and validating our innovative approach with trailblazing start-ups that needed to invest in trust to go further. In working with us, they’ve unlocked new growth potential and enjoyed the process. We’re the auditors you wouldn’t cross the street to avoid! And we look forward to working with you soon.
(0)
AssurancePoint, LLC

AssurancePoint, LLC

AssurancePoint, LLC is a CPA firm specializing in independent third party security and compliance assessments. We have completed hundreds of audits across popular industry security frameworks such as SOC 2, ISO27001, and various regulatory complaince requirements such as HIPAA and GDPR. AssurancePoint was founded to meet the growing need for experienced professoinals and quality client service in the information compliance industry. We believe an audit can be more than a check-the-box exercise when executed by seasoned experts who focus on adding client value. Don't just pay for an audit; invest in a partner who can help tell your unique story and provide actionable insights in addition to an audit report. Our mission is simple - A better compliance experience.
(0)
Audit Peak

Audit Peak

Audit Peak is a minority owned CPA firm specialized in IT audits, cybersecurity, consulting & risk advisory services. We are a distinctive brand that focuses on representing and inspiring people while bridging the diversity gap. Our team has a healthy mix of specialists from the Big 4 accounting firms and boutique CPA firms. Team members have led audits for companies across many industries and countries, ranging from start-ups with less than ten (10) employees to more established companies with over fifty-thousand (50,000) employees. Audit Peak’s consultants have audited many legacy environments and even more cloud environments, including Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). The Audit Peak team also has experience with HITRUST, PCI DSS, and ISO 27001 and plans to offer these and other compliance services in a phased format. Audit Peak has a comprehensive set of standardized protocols focused on continuously improving and enhancing the quality of services and deliverables. The firm is committed to driving actual change and creating a standard of excellence to support and propel its clients’ compliance strategies. Three (3) primary goals shape Audit Peak's authentic integrity: representation, inspiration, and quality assurance. Our core values include Integrity, Quality, Care, Transparency, Diversity, and Courage. Audit Peak will: – Provide equal employment opportunities for CPAs and consultants and employ an inclusive recruitment strategy to create opportunities for minorities. – Strive to inspire more people to seek more opportunities in auditing and cybersecurity. – Strive consistently to enhance the quality of our service standards. – Set an example for our peers to create a more diverse work culture. Services Offered: SOC 1, SOC 2, HIPAA, Agreed-Upon Procedures, & GLBA LET'S TAKE YOUR CYBERSECURITY AND SOC 2 COMPLIANCE TO THE PEAK!
(0)
B.H. Nearon, CPA

B.H. Nearon, CPA

B.H. Nearon, CPA is a licensed CPA firm. It was established by Bruce H. Nearon in 2017 to provide high quality SOC reports at affordable prices to small and medium size service organizations including start-ups and established businesses. Prior to founding the Firm, Bruce was the National Director of IT Audit for one the country’s largest accounting firms for 18 year and was responsible for all of the firm’s SOC examinations and reviews
(0)
BARR Advisory

BARR Advisory

BARR Advisory is a cloud-based security and compliance solutions provider specializing in cybersecurity consulting and compliance for companies with high-value information in cloud environments like AWS, Microsoft Azure, and Google Cloud Platform. A trusted advisor to some of the fastest growing cloud-based organizations around the globe, BARR simplifies compliance across multiple regulatory and customer requirements in highly regulated industries including technology, financial services, healthcare, and government.
(0)
Boulay

Boulay

Founded in 1934, Boulay consists of approximately 250 employees, including over 100 CPAs and 30 Partners across our service lines of assurance, tax, advisory and wealth management. We work with individuals, closely-held businesses, private and public companies who are, or who aspire to be, financially successful. Our focus is to protect your business, build your wealth and secure your future by partnering with you and integrating our depth of experience designed to "help you get there". Boulay's Risk Advisory Group provides IT security compliance services to clients across the United States and globally. We specialize in conducting high-quality SOC 2 examinations for cloud-hosted SaaS organizations. Our team of experienced professionals adhere to rigorous AICPA quality control standards and are committed to providing you with the best service possible at an affordable price.
(0)
British Assessment Bureau Limited

British Assessment Bureau Limited

British Assessment Bureau ("BAB") is one of the UK's most popular certification bodies, providing a wide range of certification services for more than 20 years. Through the use of a "no hidden fees" policy, plain language communications and a pragmatic approach to auditing, BAB is well regarded for the service it provides to its clients. This attention to detail and a determination to provide a first-class service to its clients is why it has achieved, and retains, its Platinum Partner status with independent reviews service, Feefo. As a UKAS-accredited certification body, BAB takes its status seriously and ensures clients are provided with a robust assessment process, not just a tick-box exercise, while providing useful guidance through its reports and backing that up with access to a range of training services that can help to increase awareness of both standards and the auditing process, in general.
(0)
CertPro

CertPro

A consortium of Lead Auditors who are tech-forward, with more than 10+ years of experience in the field of information security consultation and audits. The team has hands on experience of working with compliance automation firms, they understand the nuances of evidence collection from the Drata platform, and assist clients with a smooth hassle-free audit and certification experience.
(0)
Consilium Labs

Consilium Labs

Consilium Labs works as a trust enabler between you and your clients by getting you ISO 27001 Certification with a seamless process. Consilium Labs helps you achieve ISO 27001 certification without complications while saving time and cost.
(0)
Copeland Buhl

Copeland Buhl

Copeland Buhl & Company, a 51+ year Twin Cities based CPA firm offers traditional tax and accounting services along with specialty services in Accounting & ERP support, and information security compliance (SOC 2/HITRUST). Focusing on unique solutions for unique clients, Copeland Buhl builds long-term relationships by providing high quality responsive service to clients. It's not about today’s transaction but planning and building for future success.
(0)
DES, LLC CPA & ADVISORS

DES, LLC CPA & ADVISORS

We help SaaS and technology businesses get and stay SOC 2 compliant in less time and with less stress by simplifying the SOC 2 Readiness and Audit approach. Rather than looking at each control and evidence task individually, we can suggest ways to easily address multiple evidence requirements more efficiently. Our company's mission is to find a better way, and we are determined to help companies spend less time on SOC 2 compliance so they can focus on their core business. We take a customized approach to our audit process. Some clients want us to perform the audit in the background focusing on minimizing the business disruption. Other clients want more guidance and need assistance navigating the SOC 2 Readiness process. While we can't make management decisions or implement your controls for you, we can provide the actionable insights and suggestions needed to save you time both in getting ready for your audit and in the way you approach your compliance requirements. Let us tell you more about our process, and how we can help provide you a better SOC 2 Compliance Experience.
(0)
Dansa D'Arata Soucia LLP

Dansa D'Arata Soucia LLP

"DDS" is a full service CPA firm, located in downtown Buffalo, New York servicing clients all around the continental United States and abroad. We pride ourselves on attracting top talent to make sure our clients are always getting the "A" team. Our areas of expertise include traditional compliance services (taxation and financial statement assurance), business valuations, mergers & acquisitions (buy and sell side diligence and sale positioning), client accounting services (outsourced bookkeeping, controller, CFO), and information security attestation and consulting (SOC 1, SOC 2, ISO internal audit, and others). Our information security attestation group has seen exponential growth as demonstrating data security and compliance has become increasingly important to service providers and SaaS businesses. We are on a quest of continuous learning, efficiency building, and finding new ways to provide the best client service possible. While we have independence standards to maintain, we always strive to be as organized, available, and helpful to our clients as possible. We want our services to always feel like a value-add to generate long-standing relationships with our clientele. We look forward to having a conversation with you to answer any and all concerns and to find ways to make your lives simpler, and your businesses more successful.
(0)
Daszkal Bolton, LLP

Daszkal Bolton, LLP

Our Firm In its 30 years, Daszkal Bolton has grown to be a regional leader in accounting and advisory services with a national reach. With three offices and 200+ professionals across our tax, audit, and advisory practices, we’re prepared to help you grow. SOC Services Daszkal Bolton’s Digital Advisory helps businesses build trust and value through its SOC Services, specifically adapted to leverage Drata's efficiencies. In addition to SOC Services, our practice provides services for cybersecurity, automation, and analytics. Whether defending against cyber threats, such as phishing and ransomware, building bots to automate routine processes, or developing dashboards to power business intelligence, Daszkal Bolton is your trusted advisor for technology.
(0)
Drummond Group, LLC

Drummond Group, LLC

Drummond helps companies navigate complex regulatory compliance, security, and risk-management environments, without needless jargon and fear-mongering. We offer a comprehensive suite of services that protect customer data, ensure compliance, and increase trust. Our industry-leading experts have created an innovative process that demystifies compliance, mitigates risk, increases our client’s peace of mind, and helps improve outcomes.
(0)
GRSee Consulting | PCI-DSS Auditors

GRSee Consulting | PCI-DSS Auditors

Every growing company needs a competitive edge, and when it comes to payment security the best way to install trust among your client base is to be compliant with PCI-DSS standard. Being in the cybersecurity domain for over a decade GRSee Consulting's approach & process turns your compliance challenges into ways of building trust & integrity with your customers. Our goal is to get you PCI-DSS compliant as efficiently as possible by minimizing your PCI scope. Get in touch for an introductory call by clicking get in touch!
(0)
Grant Thornton Australia

Grant Thornton Australia

Australian based team of specialist controls assurance auditors and advisors, focussed on SOC2, ISO27K and CPS234. At Grant Thornton Australia, care is just as important as capability because we believe that your experience is as important as the outcome. We strive to provide a strikingly different experience – one that’s more personal, proactive, authentic and agile. To achieve that, we focus on investing in and building our relationship with you. Data and digital transformation is squarely on the agenda for many businesses. The use of cloud resources, data storage, processing integrity, and ‘everything as a service’ has increased. Outsourcing data management and processing is now the norm for many industries. Along with this is the need to address risk and controls when it comes to data privacy and handling. If you are a third party supplier or handling and processing sensitive customer information, then the onus is on you to test your security controls to ensure you are compliant with data privacy provisions across jurisdictions. With the influx of data privacy requirements, we are seeing the business landscape increasingly trending toward SOC reports for service suppliers now accepted as just being a part of the cost of doing business – now is the perfect time to get prepared with a SOC report. Our SOC reporting capabilities provide you an understanding of the risks associated with your internal controls so you can confidently address these risks. A Grant Thornton SOC report provides you with an efficient way of responding to security audit requests and demonstrates your commitment to security and privacy for current and prospective customers. Risk management is a company-wide concern, with most stakeholders now requesting an SOC report as part of supplier due diligence prior to an engagement, or ongoing monitoring processes. SOC reports provide a transparent assurance of internal control accountability and for addressing multiple stakeholder assurance demands. Grant Thornton can help you decide which SOC report is applicable to your business or client requirements, and conduct and certify the chosen SOC report.
(0)
Insight Assurance

Insight Assurance

Insight Assurance was founded by former Big-4 professionals (Former EY) looking to simplify the world of IT compliance. With over 20 years of professional experience working with hundreds of organizations from startups to Fortune 500 companies on a variety of engagements; the team at Insight Assurance partners with organizations looking to meet their organizational and compliance goals using technology and compliance automation software. We provide the following services: * SOC 1, SOC 2, and SOC 3 Examinations * ISO/IEC 27001 Certifications * PCI DSS Assessments * HIPAA/HITECH Security Assessments * Penetration Testing and Vulnerability Assessments * General Data Protection Regulation (GDPR) Services * vCISO Services
(0)
KirkpatrickPrice

KirkpatrickPrice

Our mission at KirkpatrickPrice is to give the support and guidance your organization needs to embark on a successful compliance journey. You don’t have to settle for choosing a partner that conducts an audit and leaves you with unanswered questions and compliance worries. Instead, you can start and finish the audit with a firm that wants to see you defeat the most challenging compliance requirements that you face. When you choose to partner with KirkpatrickPrice, you’re choosing a partner that will be by your side throughout your entire compliance journey Our average auditor has over 17 years of experience, with extensive knowledge of information security across all industries. We require specific certifications like CISSP, CISA, CISM, and CGEIT of our auditors and audit support staff, along with continued education to learn about new trends and threats. Our auditors are committed to educating and empowering you throughout your engagement.
(0)