Codat’s Partnership with BARR and anecdotes Led to an Automated ISO 27001 Certification and SOC 2 Report

September 25, 2023 | ISO 27001, SOC 2

Codat provides a universal application programming interface (API) to SaaS and financial service providers, who use the API to build connected products for their business customers. With a focus on small businesses, Codat makes accessing consented business data from customers’ banking, accounting, and commerce platforms easy with a single integration.

Codat recently partnered with both BARR Advisory and anecdotes, the compliance automation platform, to simplify the audit process and meet compliance requirements for their growing customer base.

Take a look at our partnership highlights from the recently published case study featuring BARR, Codat, and anecdotes. 

Before partnering with BARR and anecdotes, Codat had already achieved an ISO 27001 certification and a SOC 2 report. Because ISO 27001 is a universally accepted standard, the certification helped Codat meet the compliance requirements of their international customers.

Similarly, a SOC 2 report demonstrated their dedication to meeting industry standards within their growing U.S. territory. However, in order to complete both ISO 27001 and SOC 2, Codat was spending a significant amount of time and resources managing their security and compliance posture.

“We knew that partnering with both an audit firm who could report on ISO 27001 and SOC 2 simultaneously and a compliance automation provider would give us back time and allow us to focus on what we do best at work,” said Senior Information Security Manager Josephine Robinson.

In order to reduce the time and effort spent on audits, Codat needed an audit partner who could complete both ISO 27001 and SOC 2 reports through one engagement and ultimately become a long-term trusted advisor. After researching several other firms, Codat knew BARR was the right fit because of BARR’s friendliness and “test once, report many” approach to auditing. 

Automating the engagement process was also essential to Codat. As their established partner, anecdotes provided a platform that easily connected to Codat’s unique system to automate key parts of the engagement, including pre-mapped controls and evidence collection.

“Through our search for an auditor, BARR stood out among other firms as genuinely friendly and easy to work with. They also offered a ‘test once, report many’ approach to give us the compliance we need in less time. anecdotes provided us with unparalleled support through their subject matter expertise, which helped us tremendously as we switched to an automated compliance process,” said Robinson.

  • BARR helped Codat adjust their requirements for the newly released ISO 27001:2022 and mapped the controls Codat had in place to fit both ISO 27001 and SOC 2. 
  • anecdotes’ platform simplified evidence collection throughout the engagement, which saved Codat time and led to massive improvements in their overall compliance journey.

By partnering with BARR and anecdotes, Codat achieved a new level of compliance and significantly reduced the amount of time and resources spent on audits. Codat also:

  • Adhered to two of the highest-regarded frameworks, ISO 27001 and SOC 2.
  • Improved the compliance process through simplified evidence collection.
  • Increased customer trust and built upon a growing U.S. territory.
  • Gained a true partnership with trusted advisors and subject matter experts.

“BARR’s friendliness made us want to continue working with them again and again, while anecdotes’ automation-focused platform allowed us to plug into software C programming and improve our features. Partnering with the two organizations on our compliance program led to big wins,” said Robinson.

Contact us for more information on how BARR and anecdotes can help your organization achieve compliance efficiently and effectively.
