Why Drata Is the Preferred Compliance Automation Platform for Schneider Downs

A case on how Drata enables audit firms while preserving auditor independence and earning trust.
Asset - Tim Wolfgang

by Tim Wolfgang, CISA, CISSP, CCSFP

September 01, 2023
Asset - Schneider Downs

The Importance of Auditor Independence

Maintaining our independence and integrity as auditors is core to what we do. Because of this, there are many things we take into consideration when choosing specific platforms or organizations to work with.

Drata stands out because it's one of the only compliance automation platforms that really considers the auditor's needs when it comes to helping companies achieve compliance. They take their commitment to maintaining auditor independence very seriously, which heavily aligns with Schneider Downs’ values.

How Drata Enables Auditors

Because of the easy-to-use interface of the platform, it’s clear that Drata was built with the auditor’s needs in mind as well as the customers. As part of their Auditor Alliance Network, we are fully supported by the Drata team and empowered to use their platform to the fullest extent.

As an audit firm, it’s important that we fully understand how the platform we’re using is producing the information it receives. Drata provides us the tools and data that we need to get comfortable using the platform and translating the information it generates. 

ROI With Drata’s Standardized Evidence

Getting our clients to provide evidence that an auditor would consider “complete and accurate” is a challenge that we’re consistently up against.

The time savings we get with Drata comes from their standardization of evidence. With Drata, we can easily obtain this data as part of our standard audit evidence and communicate directly with clients in the platform if questions arise during the audit. It streamlines the entire audit process. But most importantly, we know we can rely on the evidence that Drata provides.

The JSON file format is really important because it gives us the ability to read the actual data that Drata receives as part of its system integrations. There are times when the auditor may have questions about the results of a specific audit test or the scope of a control, so having access to the JSON files streamlines the process of fielding those questions.

Trusted Newsletter
Resources for you

What Is a PCI ROC + When Do You Need One?

SOC 2 Compliance Checklist hero image

SOC 2 Compliance Checklist: 9 Key Steps To Take

PCI Audits hero

PCI DSS Audit: What It Is + How to Prepare

Asset - Tim Wolfgang
Tim Wolfgang, CISA, CISSP, CCSFP
Related Resources
Asset - Schneider Downs

Why Drata Is the Preferred Compliance Automation Platform for Schneider Downs

MJD + Drata

An Auditor’s Perspective: Why MJD Recommends Drata