Datto Builds Compliance Department Around ZenGRC

As the world’s leading cloud-based software and technology solutions provider for managed service providers, Datto was still struggling with archaic GRC processes and spreadsheets to manage compliance initiatives. The internal team was relatively new to compliance monitoring and management and needed a solution to build a compliance program from the ground up, supporting SOC 2 audits, as well as NIST, CMMC and SOX frameworks.

“We looked at a number of solutions, most of which were just fancy databases focused on evidence and document gathering,” said Christopher Henderson, Director, Information Security with Datto. “Many had an archaic feel, as if built in the early 1990s, and I knew there was no way my staff would embrace these options.”