Workforce management system Rippling has launched an automated compliance tool that the San Francisco-based company says dramatically simplifies SOC 2 audits.
With Rippling’s new tool, IT teams can now manage audits faster, with far less stress. Rippling Automated Compliance is able to do this by using existing data to recommend controls, automatically collect and monitor evidence, resolve issues, and manage the audit on one platform—removing the need for third-party tools.
Rippling Automated Compliance helps to identify and resolve compliance gaps in real-time, which frees IT teams to spend less time on routine compliance issues and focus on critical tasks.
In an April 28 blog post, Emma Lawler, product lead at Rippling, wrote:
Most SOC 2 tools simply tell you what’s wrong, but they can’t help you fix it. They’re detection systems bolted on top of tools they don’t control, so every gap becomes a distracting side quest.
Rippling is different. We’re not a reporting layer on top of your tools — we are the tools. Device management, identity and access, HR, performance management. So, most of your evidence is collected before you start. And when we find a compliance gap, we can actually close it.
That’s how Rippling helps you get a SOC 2 report, fast, without cutting corners.
When Rippling flags an issue, it takes you right to the fix. Unencrypted device? Encrypt it. Wrong app access after an access review? De-provision it automatically. Security training incomplete? Send a reminder and gate the employee’s system access until it’s done.
Maintaining compliance goes from a recurring scramble to something you knock out between meetings.
When you offboard an employee, Rippling revokes their access, wipes their device, and generates a certificate of data destruction for your auditors all in one system, she says. When you onboard a new hire, their device arrives pre-configured with the right settings. And now with Rippling Automated Compliance, your SOC 2 evidence is collected automatically as your workforce evolves.
Once your evidence is collected, you’re connected with an independent CPA firm and pen testing partners. You can plan the audit, approve and export evidence, and respond to auditor requests all in one centralized portal. The auditor reviews evidence independently and uploads your final SOC 2 report once done, Lawler says.
Rippling Automated Compliance is available today for SOC 2 Type 1 and Type 2, with more frameworks coming soon.
Sign in to get access to this free resource, and all of our whitepapers and reports.
Download this content today!
Register Now Already registered? Click here to Log In
Tags: Accounting, audit, Auditing, auditors, Automation, compliance, IT auditors, Rippling, SOC 2, SOC 2 audits, Technology
