Case Study

How Smarsh manages more than 700 questionnaires per year with HyperComply

Featuring HyperComply Customer:

Desiree Robinson

Sr. Director of Information Security, Smarsh

Smarsh is an innovative technology company, providing regulated organizations a modern, end-to-end solution built to capture, archive, monitor, and analyze their electronic communications. Smarsh has been an industry leader for more than two decades. In that time, new communication channels have emerged, and the global company has adapted to serve an increasingly digital business landscape. 

As the company grew, so did their information security team’s workload. They became inundated with lengthy due diligence questionnaires (DDQ) and security questionnaires (SQ). They needed a solution that could reduce turnaround time and get their response process down to a science. That's when they turned to HyperComply.

“HyperComply has enabled us to complete questionnaires quickly and accurately, and has had a hugely positive effect on speeding up our sales cycle.”
- Desiree Robinson, Sr. Director of Information Security

Centralized Knowledge Base replaces a compliance matrix

As deals get bigger, so do security questionnaires. Enterprise deals often require longer, more complex, and more specific vendor questionnaires to cover the company’s security needs, and the Smarsh team noticed these picking up. Desiree, Director of Information Security at Smarsh, explained “we’ve submitted a number of questionnaires this month, each of them more complex than what we’ve put through HyperComply before.”

Due to this increased complexity, replacing a compliance matrix spreadsheet with an interactive Knowledge Base allowed Smarsh users to leverage NLP in search and interact with their data in a more meaningful way.

Smarsh also has multiple product offerings, each of which require unique answers. “Not all of our products store or require the same type of data,” a previous Smarsh employee shared. “Depending on which product the client purchased, the answers to their security questions are going to vary.”

Segmenting their questionnaires in HyperComply allows Smarsh not only to keep their data organized and separate, but to have that data automatically applied to the appropriate questionnaires.

Autofill capability improves accuracy, reduces knowledge loss due to churn

Like many growing tech companies, annual DDQs combined with SQs from new deals slows down the sales cycle at Smarsh. The information security team has started to see around 40 questionnaire requests per month. This number is only expected to grow. (At time of publication, Smarsh is predicting 60 per month.)

Smarsh worked closely with their HyperComply CSM to develop user training and onboarding for new stakeholders on the legal and finance teams. Now, when employees eventually move on to pursue new opportunities, their knowledge of the company’s security posture stays.

Capturing the knowledge from your best employees is essential. To have that knowledge automatically applied to new questionnaires makes it scalable.  

SLA increases timeline predictability, decreases turnaround

Smarsh moved from a 3-week turnaround time for security questionnaires to 1-3 days. Initially, one of the company’s largest problems was turnaround time. Due to the increased volume and complexity of questionnaires, the sales cycle could be delayed significantly, leaving potential customers waiting for the completed questionnaire.

Now Smarsh returns an auto filled questionnaire back for review within one business day. The only remaining steps to completion are to review the file, assign questions to SMEs to fill gaps, and export to return to the client. 

With HyperComply, Smarsh has organized their data to only apply relevant answers, secured knowledge from team members to ensure continuity, and improved turnaround times to move deals forward faster. 

request a demo

Everything you need to get security reviews done fast and done right
Get Started
Portland, OR
Communication Data