RegTech RadarRegTech Radar
← Back to RiskMint
Case study

Thornbury Capital maps controls across frameworks

How Thornbury Capital worked with us on maps controls across frameworks.

Auditor self-service
We collect evidence once now and it satisfies three frameworks. Audit season stopped being a sprint.Chloe Bianchi, Head of Financial Crime, Thornbury Capital
Thornbury CapitalStartupEuropeLive in 5 months

The challenge

Each audit meant weeks of screenshots and spreadsheet evidence, and the same control was tested separately for SOC 2, ISO 27001, and internal audit with no reuse between them.

Our approach

We connected the firm's core systems, mapped one control set across its frameworks, and automated evidence collection with provenance so a single artefact satisfied multiple requirements.

The result

Access-review exceptions became visible and were closed on cycle, and audit no longer required reconstructing who approved what.

Each audit meant weeks of screenshots and spreadsheet evidence, and the same control was tested separately for SOC 2, ISO 27001, and internal audit with no reuse between them. We connected the firm's core systems, mapped one control set across its frameworks, and automated evidence collection with provenance so a single artefact satisfied multiple requirements. Access-review exceptions became visible and were closed on cycle, and audit no longer required reconstructing who approved what.

This case study is written by the vendor and describes their own work. Outcomes have not been independently verified by RegTech Radar.