How Scytale’s SOC 2 Audit Management Helped PayEm Remove Sales Roadblocks

PayEm allows finance teams around the globe to manage, automate and connect finance processes all within their holistic spend and procurement platform.

Omer Rimoch

CTO, PayEm

Scytale exceeded our expectations. We continued operating as normal during our audit preparation. Our SOC 2 workflows were super organized, which made it the smoothest process we could have asked for. Scytale is the perfect combination of technology and advisory.

THE CHALLENGES

Customers demanding a SOC 2 report

PayEm’s customers and prospects’ security teams started asking to see their SOC 2 report before doing business, and their inability to demonstrate SOC 2 compliance presented a major barrier to sales.

Overwhelming and foreign SOC 2 process

The PayEm team knew they were not going to be able to handle their SOC 2 audit on their own as they didn’t have any prior SOC 2 experience, so they went looking for the right experts to guide them through the process.

Maintaining business as usual

PayEm CTO, Omer Rimoch, was aware of the time-consuming and tedious preparation processes associated with SOC 2, and was concerned about this interfering with their business goals.

Ensuring security oversight across organization

While PayEm takes every measure to ensure the security of its customers’ financial data, there were a few blind spots regarding HR best practices and internal operations. There needed to be robust security practices across the organization.

THE solution

Huge time savings

As a startup in hyper growth mode, it is crucial for PayEm to ensure day-to-day operations are uninterrupted. Scytale enabled PayEm to continue work as normal and saved the organization countless hours that would have been spent on evidence collection and monitoring had they opted to do it alone.

An organized and guided process

The process was extremely clear and organized from start to finish. Scytale guided the team through every step of the compliance process, and advised on all the necessary tasks to be completed and which items should be collected, in order to be audit-ready. Some preparation support that stood out for PayEm included advice on vendors’ risk assessments, correct policies and procedures, user access review and the internal audit.

Technology plus advisory

PayEm enjoyed tracking and managing SOC 2 workflows within the automated compliance platform, as well as the expert guidance throughout the entire SOC 2 process.

KEY TAKEAWAYS

Surprisingly simple: PayEm could easily follow Scytale’s guided step-by-step process regarding what is needed to attain SOC 2 readiness, when it is needed and how it is executed.
An organized and guided process: The entire Scytale team was amazing and always so happy to help at any time. Overall the experience was really great, and PayEm felt that they were thoroughly taken care of during the whole process.
Stellar audit advisory and management: The fact that Scytale’s experts managed all interactions with the auditor, only looping in PayEm’s team when absolutely necessary, was extremely valuable.

End results

Improved internal security practices regarding HR best practices, such as the onboarding and offboarding processes of employees.
Improved assessing risk of 3rd party vendors and the security of the entire organization. In return, this helped them grow as an organization.
PayEm has grown from 10 to 80 employees in the last nine months. Therefore, having these improved internal security practices implemented, significantly helped them to scale up.
PayEm is now more prepared for future audits such as the next SOC 2 audit, which will include Privacy, and their ISO 27001 audit.
Unlocked more sales and business opportunities for PayEm with customers who demanded the report before doing business.