Would auditors actually use a platform like this?
I’m the founder of a startup focused on offensive security (not trying to advertise anything here).
Regardless of certs, technical depth, or whatever else, I think it’s pretty obvious that compliance-driven security testing is one of the most solid markets out there. Annual mandatory assessments, predictable revenue, recurring engagements, clients that have to get things done, etc.
Because of that, we recently started partnering with companies that mainly handle the compliance/audit side, while we take care of the technical work for their customers (VA/PT, offensive security activities, and similar stuff) in exchange for a standard partnership fee.
Now I’m trying to understand whether this idea actually solves a real problem for auditors/consultants:
Would you find it useful to have a single platform where you can manage and track the whole audit process for your clients?
The idea is basically:
\* audit/compliance workflow tracking
\* visibility over technical activities
\* centralized access to reports/results
\* clients being able to request VA/PT directly from the same place (our customers already do this from our custom app)
From your perspective, would this genuinely add value, or would it just end up being “another platform” to deal with?
Interested in honest feedback, especially from people working in compliance/audit.