Facebook Instagram X-twitter Linkedin

Running SOC 2 and ISO 27001 in Parallel: Red Cup IT’s Experience

Running SOC 2 And ISO 27001 In Parallel: Red Cup IT’s Experience
About Red Cup IT

Red Cup IT, Inc. is an information technology and cybersecurity services company that provides managed IT services and security solutions to large companies and enterprises.

Over 15 years in business, Red Cup IT has addressed hundreds of thousands of tickets across more than 1,000 projects and clients.

As their client base grew—particularly in industries such as financial technology and blockchain—security expectations increased significantly. Clients handling highly sensitive data required stronger assurances and formal compliance frameworks.

The Challenge

Red Cup IT faced increasing pressure to meet the security demands of enterprise and regulated clients.

Several potential clients required a SOC 2 report on file before engagement, and others required extensive annual security questionnaires.

In addition, expanding into industries serving financial institutions and government entities meant that achieving federally recognized security standards was becoming essential for:

  • Establishing trust

  • Securing contracts

  • Competing in regulated markets

Achieving SOC 2 compliance and ISO 27001 certification was no longer optional—it was a strategic necessity.

The Solution

After evaluating multiple audit firms, Red Cup IT selected Insight Assurance to support both SOC 2 and ISO 27001 audits.

Rather than following a rigid checklist approach, Insight Assurance took time to understand Red Cup IT’s:

  • Unique business model

  • Client requirements

  • Internal processes

  • Growth objectives

Insight Assurance worked with Red Cup IT to run SOC 2 and ISO 27001 audits simultaneously, creating a customized engagement plan that streamlined evidence collection and minimized operational disruption.

“Insight Assurance helped us run both SOC 2 and ISO 27001 audits simultaneously with a customized plan of engagement and accommodations that made the evidence collection process more efficient,” said Dan L., Founder, CEO, and CISO of Red Cup IT.

This approach:

  • Reduced duplicated efforts

  • Organized documentation processes

  • Improved internal workflows

  • Enhanced overall operational structure

Additionally, Insight Assurance supported Red Cup IT in implementing updated controls under the ISO 27001:2022 framework and refining internal SOPs.

“Insight Assurance played a crucial role in helping us understand and implement the new controls introduced in the ISO 27001/2022 update. Their expertise enabled us to revise and enhance our internal SOPs effectively.”

The Results

Through the combined SOC 2 and ISO 27001 audits, Red Cup IT experienced measurable operational and business improvements.

30% client base growth
Compliance helped Red Cup IT compete for and secure new business opportunities that required formal security frameworks.

200 hours saved per week
By consolidating compliance activities and running audits in parallel, the company significantly reduced time spent managing security documentation and processes.

Compliance became a business enabler rather than a barrier.

“In prioritizing compliance and working with Insight Assurance’s expertise, Red Cup IT realized an advantage to stand out from the crowd and run multiple audits in parallel to save both time and money,” said Joshua Padwa, Senior Channel Business Manager at Drata. “Combining that with the power of Drata’s cross mapping of controls, Red Cup IT was able to significantly streamline their compliance journey and achieve both frameworks at once.”

Red Cup IT continues to benefit from a structured, comprehensive approach to compliance.

By maintaining detailed documentation and a disciplined audit strategy, the company is better positioned to:

  • Meet security requirements

  • Respond to enterprise client expectations

  • Compete in regulated markets

  • Scale with confidence

The combination of SOC 2 and ISO 27001, executed simultaneously through a tailored approach, strengthened Red Cup IT’s operational maturity and competitive positioning.

More Case Studies

Ready for Stress-Free Compliance?

Whether you’re a two-person team or a global enterprise, our team of former Big 4 auditors brings the same level of quality and care to every engagement.

Let’s simplify compliance — together.

Let’s Talk Compliance

Share This Post

Let's Talk Compliance

Share a few details and our team will be in touch shortly to schedule a friendly, no-pressure conversation—no obligations, just answers.

Insight Assurance needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at any time. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, please review our Privacy Policy.