How Drata’s Automation-Focused Approach Empowered Chargify to Pursue SOC 2 Success

Case-Study Chargify
About

Chargify is a subscription management software empowering thousands of B2B SaaS businesses to better manage the recurring revenue lifecycle to move fast, iterate, and grow.

LocationSan Antonio, TX
Industry Billing and Revenue Management
Socials
A case of how the right platform can make achieving security best practices hassle-free.

The Challenge

Chargify is a subscription management software built for the evolving needs of fast-growth B2B SaaS companies. Industry leaders trust Chargify to power their complex billing and revenue management, and as we expand our customer base, we knew we had to put SOC 2 at the forefront of our business strategy.


As the frameworks for security and compliance protocols have evolved over the years, the Chargify team needed an automated platform that would help us work smarter, not harder, without having to add more of our resources to the process.


Why Drata

When researching another legacy player in the space, their tools were noticeably convoluted. In addition, their control mapping didn’t follow an instinctual strategy for the end-user which would have put large amounts of manual work on our team. We were looking for a partner that would lift the heavy burden of manual processes, not add to them.


Once we came across Drata, it was evident that their infrastructure was as clear cut and straightforward as it gets. Our partners and control owners were confident that Drata’s automated evidence collection would allow us to scale our security measures easily. When our professional network and auditor community both highly recommended Drata, we knew this was the right way to go. Drata has been the smartest option for setting up Chargify for SOC 2 success.


Immediate Benefits

We’re in the midst of our SOC 2 journey, but we’ve been able to hit the ground running thanks to Drata. Our onboarding went smoothly and we were easily able to facilitate key integrations with G-Suite, Kandji, and AWS right from the start. We’ve already seen valuable insights about our security posture and have received positive feedback from Chargify leaders, engineers, and developers about the platform helping to break down silos between our teams. By automating the evidence collection process, Drata is helping to transform our audits from “big, time-intensive events” to business as usual, making compliance implementation easier on the company as a whole.


On the Horizon

As we prepare for our SOC 2 Type 1 audit, we look forward to having Drata’s in-house team of experts as resources for our company’s security and compliance measures. With Drata’s help, we know the rest of the SOC 2 journey will be a breeze, and we’ll be able to achieve and maintain compliance as an integral piece of our security best practices.


We’ve seen massive value with Drata since day 1 for our compliance needs. Beyond streamlining the process of creating policies and mapping controls for SOC 2, we immediately received a real-time status of our security posture and the improvements we needed to make to our data protection practices. Compliance is no longer an uphill battle now that we’re automating the journey with Drata.

Ed Sachanowicz

Vice President of Information Security, Chargify

Resources for you
How to Conduct a Business Impact Analysis

How to Conduct a Business Impact Analysis

Drata Series C Blog Hero Image

Announcing Drata’s Series C

Blog-Featured-Images-28

What Are Containers? + Why Should You Use Them

Be a Part of the Best

Join the thousands of companies who trust Drata with their evolving compliance needs.