ABOUT // COMPLIANCE SPRINTS
Compliance Sprints exists because most SMEs hit their first audit unprepared — not for lack of effort, but because the gap between "we have a policy" and "we have a working control" is invisible until an auditor finds it.
FOUNDER // CARL PITTS
Carl has led £250M+ in cybersecurity transformation across financial services, healthcare, and critical national infrastructure. He's been the auditor making findings, the auditee writing remediation plans, and the executive answering to the board when audits go sideways.
Compliance Sprints is the toolkit he wishes had existed when he first walked into a SOC 2 audit unprepared, in 2008.
PHILOSOPHY // THREE PRINCIPLES
01
A 60% is a 60%. Inflated scores cost you audit findings later.
02
If you can't show approval, dates, and review history, the control doesn't exist.
03
Every recommendation comes from an audit room, not a textbook.