Thoropass Reviews & Product Details

Mostly the UI and Navigation modules. Ease of uploading documents and sharing comments with the CSM and auditors.During our compliance, we used to login frequently and we never faced any challenges. The customer support was Swift and our queries were clarified in no time. The integration module was so simple that any non technical person can also integrate different service provider with Thoropass without any support. the ease of implementation different compliance module and uploading supporting docs is super easy and convinient Review collected by and hosted on G2.com.

As of now, we have been using it for around 3 years, We never faced any issues so far. Review collected by and hosted on G2.com.

I’ve worked with Thoropass twice for SOC 2—once at a previous company and again at my current company—and both experiences were excellent.

The platform is easy to use, well-structured, and clearly shows what’s required, in progress, and audit-ready. Implementation is straightforward, even across organizations with different levels of security maturity.

Thoropass really stands out in customer support—their team is responsive, knowledgeable, and great at turning SOC 2 requirements into practical, actionable steps.

Feature-wise, Thoropass covers everything needed for SOC 2 in one place, including control management, evidence tracking, policies, vendor risk, and audit coordination.

Overall, Thoropass makes SOC 2 far more manageable and repeatable. I’d highly recommend it to any company pursuing or maintaining SOC 2 compliance. Review collected by and hosted on G2.com.

There’s very little to dislike overall. Some advanced features and reporting options may take a bit of time for first-time users to fully explore, but the learning curve is minor and well-supported by their customer success team. Review collected by and hosted on G2.com.

I really appreciate Thoropass for their communicative approach, which makes it easy as a leader to know where in the process we are, solve doubts, or get extra information about the findings. They help coordinate the process better with all parties involved. I also like the 90-day unlimited retest after receiving the penetration testing report because it allows us to make code improvements on their findings and reassess whether the fix has the expected impact, which secures solution quality and ensures an effective hardening process. The initial setup was really easy too, thanks to the Thoropass team who provided technical requirements and how-to guides, along with frequent communication from the customer success team to ease any challenges. Review collected by and hosted on G2.com.

I don't have anything in specific on my projects with Thoropass that I dislike. Review collected by and hosted on G2.com.

I really liked the people I worked with, especially Ritu, who was amazing, and the auditors were all super understanding and helpful. They really helped us get to the right spot. The evidence request feature is something I use the most, and I spent a lot of my time working in it and commenting back and forth with the auditors. The setup of Thoropass was very easy. Review collected by and hosted on G2.com.

The interface could maybe be a little bit more directed towards the audit experience. It's a little bit hard to get into all the evidence requests. Just from opening the application, but once you know how to do it, it's not too bad. It's just several clicks to get to it. But an audit, I would assume that that would be front and center. Review collected by and hosted on G2.com.

I like that Thoropass started well with sales support, where we got the relevant team members on board, which was promising for relevant areas. The kickoff was relatively prompt, and the policies in general were of pretty good quality. Review collected by and hosted on G2.com.

The main issue I have is with Thoropass's platform and evidence collection, which are extremely basic and manual. We were promised automated evidence collection, but it simply wasn't delivered. For companies undergoing ISO 27001 and SOC 2 type 2 certifications, the platform requires submitting identical evidence twice, wasting valuable time. It doesn't feel fit for purpose and we might have been oversold during the sales pitch with claims of automation and AI that are overstated. Additionally, ChatGPT provides faster and better responses in some areas compared to Thoropass tools, especially on the AI side, and even the team has confirmed not to rely on Thoropass's AI suggestions. Review collected by and hosted on G2.com.

I like the way that Thoropass has an easy to use task based interface that you can easily see what you need to remedy in your cloud platforms to maintain your soc 2 compliance. It also has automated monitors that work with our azure environment to monitor the environment and if anything goes out of compliance it will immediately flag it and give you a task to remediate it. It was easy to implement and integrate with azure. So far the customer support has been great and I use it daily to make sure everything in azure is compliant. Review collected by and hosted on G2.com.

In a couple of interfaces there are sections that require you to click twice but doesn't indicate it. Once you know though its not much of an issue. Review collected by and hosted on G2.com.

I really appreciate Thoropass for its excellent account management and the outstanding human support we receive. Our account manager provides exceptional service, ensuring smooth interaction and assistance, which significantly enhances our overall experience with the platform. In addition to this, the pen test team is truly exceptional, offering expert insights and reliable performance in conducting penetration tests. These aspects of Thoropass greatly contribute to our ability to streamline and manage our compliance efforts effectively, making our work processes more coherent and unified. Review collected by and hosted on G2.com.

I find the actual platform for managing our compliance assets somewhat confusing, which complicates achieving my compliance objectives efficiently. Additionally, I encountered challenges during the initial setup, specifically issues integrating Thoropass with Gusto, which hindered a smooth onboarding process. Review collected by and hosted on G2.com.

As a Project Manager deeply embedded in the ISO 27001 compliance process, Thoropass has proven to be an invaluable and highly supportive partner. What I particularly appreciate is its comprehensive approach to guiding us through the complexities of information security management. The platform’s ability to centralize documentation, track progress, and provide clear insights into our compliance posture has significantly streamlined what could otherwise be an overwhelming undertaking. The automated reminders and integrated task management features ensure we stay on track, and the readily available support resources have been instrumental in clarifying specific requirements, ultimately making the entire journey towards ISO 27001 certification much more manageable and efficient. Review collected by and hosted on G2.com.

​While Thoropass generally excels in its support for compliance, there are areas where the user experience could be refined. I've occasionally found the tool to be a bit slow, which can disrupt workflow during critical phases. Furthermore, there are instances where defining what is precisely necessary for certain controls isn't as straightforward as it could be, requiring a bit more effort to interpret. Optimizing the user experience to be even more intuitive and simplifying the navigation for complex tasks would greatly enhance the overall efficiency and user satisfaction, especially when dealing with tight deadlines and intricate compliance requirements.

But these are just details and my own personal considerations. Overall the tool is great and a great support to whoever is working on complicance related processes. Review collected by and hosted on G2.com.

The best part about Thoropass is the dedicated security architect role; we've only had good experiences working with Thoropass's team members, and the architect has been a keystone for us when trying to navigate the compliance landscape. Their expertise allowed us to make intelligent decisions around how we approach each control in line with our existing policies and procedures. It's been three years since we started leveraging Thoropass and they've helped immensely! Review collected by and hosted on G2.com.

Nothing majorly stands out as an issue with using Thoropass. I'll mention we've had hiccups around the in-browser document editor occasionally crashing, but due to the cloud-based nature of Thoropass, no work was ever lost from this. Review collected by and hosted on G2.com.

Thoropass has completely transformed the way we handle compliance in our organization. Fharen, Jarad and the rest of the team has been so helpful. The platform is incredibly user-friendly and makes managing audits and certifications a breeze. What I love most is the seamless integration with our existing tools, which has saved us countless hours. If you're looking for a reliable compliance solution that actually makes your life easier, Thoropass is the way to go! Review collected by and hosted on G2.com.

It's user-friendly once you get the hang of it and integrates well with our existing systems. The support team is generally helpful, but we've noticed some delays in response times during certain scenarios, which can be a bit frustrating when dealing with urgent issues. There’s also a bit of a learning curve at the beginning, especially for those not familiar with compliance software. Overall, it's a great tool, but be prepared to invest some time upfront. Review collected by and hosted on G2.com.