2-Control
UnverifiedUnclaimed accountNOREA-registered IT auditors delivering ISAE 3402/SOC 2 statements and privacy audits.
Independent firms. Transparent pricing. Verified reviews. Filter by framework, scope, and budget, then reach out directly.
NOREA-registered IT auditors delivering ISAE 3402/SOC 2 statements and privacy audits.
Relationship-focused cybersecurity and compliance firm offering PCI DSS assessments alongside broader compliance services.
Single-provider audits across SOC 2, ISO 27001, FedRAMP, HITRUST, and PCI DSS
IT audit services for service organizations.
PCAOB-registered CPA firm serving small and mid-sized companies.
COFRAC-accredited certification body with 250 auditors and 3,500+ certified clients across France.
German statutory audit firm specializing in BSI C5 cloud security attestations, the German-market equivalent of SOC 2.
New York CPA firm focused on the mid-market.
Top-25 CPA & advisory firm with tech focus.
Top-25 CPA firm with a technology-sector focus.
UK compliance firm for EU-facing buyers.
Global Top 10 CPA firm with a large-scale SOC audit practice
Cloud-security specialist across the audit lifecycle.
RvA- and BELAC-accredited certification body for ISO 27001 and Belgium's CyberFundamentals (CyFun) NIS2 scheme.
ANSSI PASSI-qualified auditors covering all four audit scopes, plus NIS2, DORA and GDPR advisory.
7th-largest US accounting firm, risk advisory and SOC attestation practice
ISO readiness assessments and certification audits only, no consulting
DANAK-accredited certification body with 14+ years' experience and 500+ audits delivered.
All-in-one ISO 27001 + SOC 2 with proprietary tooling.
HITRUST Authorized External Assessor organization based in Las Vegas.
Service-Disabled Veteran-Owned C3PAO, the 26th company authorized nationally.
RvA-accredited certification body for ISO 27001 and NEN 7510, serving 600+ organizations in the Netherlands.
Israel-based PCI DSS QSA firm serving global payments and fintech clients.
BSI-recognized IT security service provider for IS-Revision, serving over half of Germany's DAX 30 companies.
Multi-framework audit firm with ongoing advisory support.
FINAS-accredited, employee-owned certification and information security inspection body.
Healthcare-focused HITRUST Authorized External Assessor, recently acquired by Health Catalyst.
One of France's longest-running cybersecurity firms, PASSI RGS/LPM qualified since 1995.
Boutique CPA firm led by former Big 4 partners.
Boutique CPA firm with hands-on delivery.
Woman-owned C3PAO founded by a 16-year Navy/DISA cybersecurity veteran.
Multi-framework CPA and cybersecurity assessment firm
Long-running boutique CMMC and NIST 800-171 consultancy and authorized C3PAO.
CPA firm focused primarily on SOC examinations and IT attestation
The body authorized by ANSSI to assess and issue France's SecNumCloud cloud security qualification.
Healthcare-exclusive HITRUST assessor led by an original architect of the HITRUST CSF.
NCSC-approved Cyber Advisor and Drata's UK/EU partner for SOC 2 and GDPR compliance.
SWEDAC-accredited certification body serving 1,400+ clients across Sweden with 2,400+ certificates issued.
Ireland's national standards body, INAB-accredited for ISO 27001 certification.
Cybersecurity & compliance firm with strong AI governance fit.
The first company ever authorized as a C3PAO, and the first to pass CMMC 2.0 recertification.
Cyber-AB authorized C3PAO conducting formal CMMC Level 2 evaluations and certification.
One of the largest independent SOC examination providers in the US
Single Audit, Multiple Standards: SOC, ISAE, ISO, NIS2 and DORA in one integrated process.
One of only two firms globally dual-certified for both PCI scanning and full PCI DSS assessments.
Top 100 US CPA firm and certified B Corp, fixed-fee SOC 2 and ISO audits
Authorized C3PAO founded by former national intelligence and military infosec professionals.
UKAS-accredited, remote-first ISO 27001 certification built for fast-growing European tech companies.
Cybersecurity & compliance firm with multi-framework expertise.
GRC platform and CPA audit under a single contract
One of only two BELAC-accredited bodies authorized to perform NIS2 CyberFundamentals (CyFun) verification audits in Belgium.
National top-25 CPA and advisory firm with a SOC audit practice
SOC 2 and HIPAA audits with flexible delivery for smaller organizations