case studies

Driving Compliance Command and Control: How Achieved SOC 2 Success with Trava

by Trava, Cyber Risk Management

Unlocking SOC 2 success, partners with Trava, bridging expertise and technology to navigate complex compliance landscapes and fortify data security, bolstering customer trust and enabling expansion into enterprise markets.

In today's data-driven world, cybersecurity has become an indispensable element for any organization seeking to safeguard sensitive information and build trust with customers—especially for tech companies like

About is a platform that connects supply chain systems so their customers have better control over information when managing their freight.


With the amount of freight logistics and shipper data handles, achieving SOC 2 compliance to prove the maturity of their data security practices is paramount to serving their customers. However, navigating the complexities of SOC 2 compliance and effectively managing the process can be a daunting task, especially for growth companies like

Mark Platt,, VP of Engineering, the leader of the charge for, shares his perspective on the initial exploration of compliance solutions: “Having had prior experience with compliance in a previous role, I knew that we needed to explore the market for software that could assist in meeting our compliance needs for both the initial stages and throughout our ongoing journey. The market proved to be robust, and offered a variety of solutions.”

Initially, selected a GRC tool that helped manage their compliance efforts in one place. However, the team quickly realized that they needed more human expertise and guidance than the tool was providing.

To address these challenges, turned to Trava for help achieving SOC 2 compliance. Trava's expertise in security and compliance, coupled with their deep understanding of SOC 2 requirements, presented with an ideal complement to the GRC tool.

Eric Green,, COO, another key team member, reflects on the challenge of prioritization during their compliance journey, “While we had all the technical components in place, we realized that we needed additional support to organize and prioritize our audit responses to align with the framework. The Trava team was a great partner for bringing best practice and prioritization expertise.”

Trava's Role in Transforming's Compliance Journey

Trava's vCISO services provided with the strategic guidance and hands-on support they needed to effectively manage their SOC 2 compliance process. Trava became another team member for whose expertise played a pivotal role in ensuring stayed on track and met all the necessary requirements.

Accelerated Compliance Achievements and Beyond

Under Trava's guidance, was able to achieve SOC 2 Type 1 and Type 2.

Being SOC 2 compliant gives several extra boosts, including:

  • Increased Customer Confidence: Achieving SOC 2 compliance instilled confidence in's customers; demonstrating their commitment to data security and enhancing their reputation as a trustworthy partner.

  • Enhanced Reputation: SOC 2 compliance is a testament to's commitment to cybersecurity, boosting their reputation as a security-conscious organization.

  • Ability to Expand to Additional Enterprise Customers: Possessing a SOC 2 attestation expands opportunities with customers that require proof that will be a good steward of their data.

"As the business sponsor of the SOC process, all the nuances and acronyms were a new language to me. The Trava team had a great way of translating, interpreting, and creating the actions required that a business person could understand. It was of great help to have the support of security professionals." - Eric Green

The collaboration between and Trava shows the value of leveraging a vCISO partner in achieving SOC 2 compliance. By leveraging Trava's expertise, not only achieved SOC 2 certification but also gained valuable insights into operationalizing security measures and preparing for future certifications.


We can help!  Talk to the Trava Team and see how we can assist you with your cybersecurity needs.