Compliance Audits with a Personal Touch
From SOC 2 to ISO 27001, privacy assessments, and more, MHM provides “Big 4” quality audits at a fraction of the cost.
Our Services
Your business is unique, and so is our approach. At MHM, we tailor the audit experience to your business risk profile, maturity, and toolset – while keeping costs affordable.
SOC Attestations
Whether it’s your first time doing SOC or your 10th, our team can efficiently complete your SOC 1/2/3 attestation.
ISO Certifications
From initial certification through to re-certification, our team of experts can complete your ISO audit.
Additional Services
Compliance needs are diverse, as is our list of assessments, such as privacy, GDPR, NIST, HIPAA, and more.
+200 Clients
Our team has proven its ability to deliver high-quality audits for clients across any industry.
95% Retention
Clients love our tailored approach and trust us with their recurring and expanding audit needs.
+10 Countries
Our audit services help our clients reach new customers worldwide in Canada, the United States, Europe, and the Middle East.
Our Approach Makes All the Difference
Tailored | Experienced | Committed to Excellence
Rather than the one-size-fits-all approach, we take the time to understand your business and tailor our services accordingly, ensuring the best results for your organization.
Our unwavering dedication to excellence promises meticulous attention to detail and high-quality audits to help drive your business forward. No politics, no BS, just audits.
BYO-T
Bring Your Own Tool – there are many compliance platforms available to help organizations get audit-ready. If you have a tool, we can work with you in the platform as we go through your attestation or certification.
Our Leadership Team
Big 4 Experience – Boutique Firm Price
Led by Mark Mandel and Jose Costa, our team brings over 100 years of security and compliance audit experience.
Our philosophy: a one-size-fits-all approach ignores the complexity of the world today.
Founder & Principal
After a 25-year career as a PwC Partner, Mark founded MHM with a mission to bring high-quality and affordable security and privacy compliance audits to smaller organizations.
With almost 3 decades of servicing clients across a wide range of sectors worldwide in the GRC, data privacy and security domains, Mark has developed a focus on aligning each client’s needs and particular risks to the requirements of their chosen compliance standard and delivering successful projects that are consistently on-time and on-budget.
Mark is a licensed CPA and also maintains the CDPSE designation.
Principal
Having spent over two decades navigating risk, internal controls, and IT security across many industries worldwide, Jose deeply understands how technology shapes our daily lives. As a former Partner at PwC, and after spending a few years as a CISO in the industry, Jose is eager to reconnect with clients directly and help them meet their compliance objectives.
He's particularly drawn to the evolving landscape of third-party risk and cloud technology, driven by a genuine passion for simplifying compliance with complex frameworks and tailoring audit processes for certifications.
Jose is a CISSP, CISA, ISO 27001 Lead Auditor, CIPP/E and CDPSE.
Our Leadership Team is supported by a network of senior privacy and security auditors across the country.
Security & Compliance
SOC 1
SOC 2
SOC 3
ISO 27001
Privacy Assessments
Microsoft SSPA
ISO 27701
GDPR
HIPAA
Additional Services
Internal Audit
NIST
CyberSecure Canada
Other Certifications