Hook is a London-based software-as-a-service (SaaS) startup providing a revenue growth platform that leverages customer usage, CRM, and engagement data. Using machine learning models, Hook accurately predicts which customers are likely to renew or churn, offering insights up to nine months in advance. With a large engineering team and a focus on handling sensitive customer data, both security and compliance are critical to Hook’s operations.
While Hook has been SOC 2 Type 2 compliant since its inception, their previous service auditor fell short of expectations, leaving the team feeling underwhelmed and frustrated.
“Our most recent experience with our previous auditor wasn’t great,” explains Robyn Harvey-Smith, Senior Operations Associate. “They didn’t have good communication, and they didn’t help us as much as we’d hoped.”
Insight Assurance provided a thorough readiness assessment, including a comprehensive review of Hook’s Vanta instance, ensuring all SOC 2 controls were designed and implemented appropriately. As Harvey-Smith explains, they weren’t expecting this step, but it was a big help that made them feel assured going into the audit.
“It was a very seamless process in terms of the discovery and scoping,” Harvey-Smith says. “They met us where we wanted to be … It was really easy to understand how the whole process would work, what they would need from us, and how to ensure we were prepared.”
Insight Assurance’s team of SOC 2 experts worked collaboratively with the Hook team, adapting to their needs and offering guidance as required. A dedicated Slack channel facilitated open communication, enabling quick answers to questions and regular updates.
The company needed a trusted audit partner that could provide better collaboration, expertise, and guidance specifically tailored to their needs as a SaaS startup. Additionally, Hook required assistance with specific SOC control requirements, including formal risk assessments and ensuring controls were well-documented.
Hook turned to Insight Assurance based on word-of-mouth recommendations and the firm’s reputation for a consultative, collaborative approach. Moreover, the firm’s seamless engagement process gave the Hook team confidence in partnering with Insight Assurance.
“Right from the beginning, we got a feel for how Insight Assurance operates,” Harvey-Smith says. “That was a big factor in choosing to go forward with the full audit. Another was how great the whole team was from the start.”
Hook completed their SOC 2 Type 2 audit in just a few months, with improved documentation, tighter controls, and enhanced risk management processes. The audit fostered internal cross-functional collaboration, raising awareness of security and compliance requirements across Hook teams.
Key findings, such as enhancing business continuity and disaster recovery planning, provided actionable steps for improvement. The process also reinforced Hook’s commitment to security, benefiting internal operations and customer trust.
“I really liked that we had constant updates on the timeline and expectations,” Robyn says. “It didn’t feel like it dragged on and on. Everything was purposeful. Getting those updates on our Slack channel was perfect for what we needed and made us feel like we were in the loop throughout those months.”
After such positive results, Hook looks forward to working with Insight Assurance again for the company’s upcoming ISO 27001 certification. According to Harvey-Smith, the entire process was a 10/10 experience.
“Insight Assurance provided everything we wanted and needed,” she concludes.
Whether you’re a two-person team or a global enterprise, our team of former Big 4 auditors brings the same level of quality and care to every engagement.
Let’s simplify compliance — together.
Share This Post
Share a few details and our team will be in touch shortly to schedule a friendly, no-pressure conversation—no obligations, just answers.
