Compliance Audits with a Personal Touch

From SOC 2 to ISO 27001, privacy assessments, and more, MHM provides “Big 4” quality audits at a fraction of the cost.

Our Services

Your business is unique, and so is our approach. At MHM, we tailor the audit experience to your business risk profile, maturity, and toolset – while keeping costs affordable.

SOC Attestations

Whether it’s your first time doing SOC or your 10th, our team can efficiently complete your SOC 1/2/3 attestation.

ISO Certifications

From initial certification through to re-certification, our team of experts can complete your ISO audit.

Additional Services

Compliance needs are diverse, as is our list of assessments, such as privacy, GDPR, NIST, HIPAA, and more.

+200 Clients

Our team has proven its ability to deliver high-quality audits for clients across any industry.

95% Retention

Clients love our tailored approach and trust us with their recurring and expanding audit needs.

+10 Countries

Our audit services help our clients reach new customers worldwide in Canada, the United States, Europe, and the Middle East.

We loved the personalized approach from MHM. The knowledge and advice received from MHM during the process of implementing SOC Type 2 helped us improve not only security but also overall all our operations!
— Tim Mourtazov, CEO, Smart Match Systems Inc.

Our Approach Makes All the Difference

Tailored | Experienced | Committed to Excellence

Rather than the one-size-fits-all approach, we take the time to understand your business and tailor our services accordingly, ensuring the best results for your organization.

Our unwavering dedication to excellence promises meticulous attention to detail and high-quality audits to help drive your business forward. No politics, no BS, just audits.

BYO-T

Bring Your Own Tool – there are many compliance platforms available to help organizations get audit-ready. If you have a tool, we can work with you in the platform as we go through your attestation or certification.

Our Leadership Team

Big 4 Experience – Boutique Firm Price

Led by Mark Mandel and Jose Costa, our team brings over 100 years of security and compliance audit experience.

Our philosophy: a one-size-fits-all approach ignores the complexity of the world today.

  • Founder & Principal

    After a 25-year career as a PwC Partner, Mark founded MHM with a mission to bring high-quality and affordable security and privacy compliance audits to smaller organizations.

    With almost 3 decades of servicing clients across a wide range of sectors worldwide in the GRC, data privacy and security domains, Mark has developed a focus on aligning each client’s needs and particular risks to the requirements of their chosen compliance standard and delivering successful projects that are consistently on-time and on-budget.

    Mark is a licensed CPA and also maintains the CDPSE designation.

  • Principal

    Having spent over two decades navigating risk, internal controls, and IT security across many industries worldwide, Jose deeply understands how technology shapes our daily lives. As a former Partner at PwC, and after spending a few years as a CISO in the industry, Jose is eager to reconnect with clients directly and help them meet their compliance objectives.

    He's particularly drawn to the evolving landscape of third-party risk and cloud technology, driven by a genuine passion for simplifying compliance with complex frameworks and tailoring audit processes for certifications.

    Jose is a CISSP, CISA, ISO 27001 Lead Auditor, CIPP/E and CDPSE.

Our Leadership Team is supported by a network of senior privacy and security auditors across the country.

Security & Compliance

  • SOC 1

  • SOC 2

  • SOC 3

  • ISO 27001

Privacy Assessments

  • Microsoft SSPA

  • ISO 27701

  • GDPR

  • HIPAA

Additional Services

  • Internal Audit

  • NIST

  • CyberSecure Canada

  • Other Certifications

Contact us to discuss your compliance needs.