How Thnks Saves 100 Hours During ISO 27001 Certification

Custory Story - Thnks Header Image
About

Thnks is leveraging technology and the science of gratitude to help establish and build strong relationships for the modern world through efficient, personalized, and thoughtful appreciation.

LocationFranklin, Tennessee
IndustrySaaS
Socials
Since partnering with Drata, the Thnks team has peace of mind knowing security is top of mind for their company.

About Thnks

Thnks is combining gratitude and technology to help companies and individuals build and grow career relationships through expressions of gratitude.

Why ISO 27001 and SOC 2?

At Thnks, we want to live that spirit of continual security. It can sometimes be the tendency to pursue security and compliance best practices just for the certification or attestation—so it looks good to clients, rather than focusing on reducing risk overall.

We chose to pursue ISO 27001 and SOC 2 at the same time. Both are really valuable across the industry, but we wanted to be efficient with the audits and preparation. We saw the need to go from previous manual processes and get somewhere closer to more continual automation.

Key Benefits

The main benefit of Drata is the continual investment in security and security controls. Drata really encourages continual monitoring of systems, and they make it easy for us to connect to our cloud hosting provider, code repo or identity provider, and more. The Drata Platform also offers the continuous monitoring of those connections and brings visibility to the security controls we have in place. You can visually see the ISO controls that are mapped to Drata controls and their statuses.

What I also really like about using Drata is being able to use the API to upload evidence instead of manually clicking through some other piece of software—I could essentially automate uploading evidence with Drata.

ROI

The original implementation took about 200 hours through our manual processes based on templates and policies—and that was just preparing for the audit. With Drata, it dropped tremendously. It cut that time in half and we passed our audit with zero nonconformities.

Drata’s given us time back. But more importantly, it’s given me peace of mind in a way. Even though I don’t have 30 years of security experience, I can feel confident in knowing that we have a very solid security posture here at Thnks.

Resources for you
PCI Audits hero

PCI DSS Audit: What It Is + How to Prepare

G2 Fall Reports Thumb

Drata Shines in G2 Fall Reports

Cyberattacks on Local Govs Hero

Cyberattacks on Local Governments on the Rise, Highlighting a Need for Enhanced Security

Be a Part of the Best

Join the thousands of companies who trust Drata with their evolving compliance needs.