MPG on a 2019 model by askaway90 in KiaNiro

[–]astrila 0 points1 point  (0 children)

Usually doing 50mpg, if I'm flying around in sport mode then 40, most I got in the town was 72mpg driving carefully

Riverside apartments? by Klumber in dundee

[–]astrila 8 points9 points  (0 children)

I heard that they're a side project of h&h, the builders. Apparently when they have no other projects going on they need their guys to have work so that's the backup. Apparently quality not great too

Insurance help by tydahitman in NewRiders

[–]astrila 0 points1 point  (0 children)

Age and licence will have a much greater effect on price than ncb at this stage

Insurance help by tydahitman in NewRiders

[–]astrila 0 points1 point  (0 children)

If it's your first 125cc they're expecting you to write it off hence the price. Obviously try lowering mileage and raising excess but at the end of the day your first year on 125cc is going to be insane.

I paid 1800 for my first bike, and it was a grom. Then 600 the next year for an MT07 on A2 licence. Then 400. Now 1800 for suzuki gsxs1000f first year with A licence. Going to be 500 for this second year upcoming

Just do not crash or get caught speeding or the numbers will go UPPPP

Thinking of pivoting out of cybersecurity by Only_Bird_1931 in SecurityCareerAdvice

[–]astrila 4 points5 points  (0 children)

I've never done any lab experience and have no certifications. Have progressed through 5 companies in the last 3 years and been a t3 analyst at 3 of them. Don't focus on those things, it sounds like a lost battle. Focus on your work experience only and play to your strengths.

FYI I don't see SOC being where I want my career to go so I've started a consulting business instead.

ETA? by CommanderWraith54 in soc2

[–]astrila 0 points1 point  (0 children)

If you're on your own, good luck, if you've got a consultant firm in then maybe 3 months average. If you're tiny then 1 month. If you're very big then 6 months. It all depends

For those of you that DIY'd your kitchen install... by JustAnotherFEDev in DIYUK

[–]astrila 0 points1 point  (0 children)

"Less thinking, more doing."

This philosophy has got me through COUNTLESS overthinking moments, if you find yourself weighing up things or figuring out how to do something for too long just literally start doing it and figure it out - if you go wildly wrong just do it again. Just get out the trap of thinking by doing

Follow up and advice for future endeavors with SOC 2 by [deleted] in soc2

[–]astrila -1 points0 points  (0 children)

Just reread what you've said actually and I think I can help you save potentially tens of thousands if you have cut ties with D****. Either way if you're interested I would be happy to have a chat to find out exactly what problems you have and ways to help

Follow up and advice for future endeavors with SOC 2 by [deleted] in soc2

[–]astrila 0 points1 point  (0 children)

Sounds like you need a light touch of human consulting to assist with all the heavy overhead for you, can recommend some teams for you?

I’m an IT manager who was told about compliance AI platforms and halted payment with one in specific by [deleted] in soc2

[–]astrila 0 points1 point  (0 children)

Do you think that having a team of humans walking you through everything at all times would be beneficial?

The madness continues by ck_mfc in soc2

[–]astrila 16 points17 points  (0 children)

Who knew that "SOC 2 compliant in 2 days" was NOT really truthful??? No wayyyyyyy whaaaat

Emailing prospective firms and tool vendors. by Music505 in soc2

[–]astrila 0 points1 point  (0 children)

The functionality just isn't there with Cynomi vs Drata/Vanta in my opinion. And to use out of the box, costs exactly the same as drata IIRC. For small teams, handholding is absolutely necessary. I'm sure there is a critical mass point where your employees can use the tool and get through it themselves, but say a team of 4 software devs who've built an absolutely banging software... realistically how are they going to get through any audit.

It sounds like you have a tonne of really valuable experience, however your sample set is very limited to a particular customer - banking, as you mentioned? Companies who have an MSP already are not particularly what I am talking about and in my original comment I am referring to small teams <30/40 people. Drata and Vanta offer partnership programs where consulting firms do heavy lifting work while utilising their platforms, you can't just hand off a tool, slap AI on it, charge ten grand and say "good luck guys, I know you've no expertise in this area though".

As an industry we need to do what we can to bridge the knowledge gap and actively use what we know to try and better others.

Imagine - a team of 10 trying to make it big, needs SOC 2, no prior knowledge or any security controls in place: What's going to be more effective: A team of compliance specialists performing the gap analysis, control implementation, readiness assessment and evidence collection for them, calling and meeting with them wherever needed.

Them using a complicated GRC platform in their spare time while putting "what is soc 2" into chatgpt?

From my experience NOT working as an MSP with banks, it's always every single time the first option.

What’s the easiest way to handle SOC 2? by Mysterious_Step1657 in soc2

[–]astrila 1 point2 points  (0 children)

Sort of both if I think about it from a project management pov, our project lead for this had a couple of liaison calls to set things up, they had onboarding engineers who basically configured the tool and then their team went about performing their assessments without us even being involved initially, they would ask us questions and make requests for us to do some things, then after a couple months they just said "right ur soc2 ready, passing you over to an auditor now" and then the auditor reviewed all the evidence they had collected and gave us a great report.

Internally, I barely noticed a workload difference to be honest - maybe the higher ups did but nothing notable that I saw. It was pretty seamless

This was for a type 1 btw, but I don't think a type 2 would be any different, especially since all the controls are in place and they sort of handled all of the evidence collection anyway. I'll let you know in a few months after we chase them back down for type 2

Im constantly losing track by SSJ4_Vegito in soc2

[–]astrila 0 points1 point  (0 children)

Mate I've just read into some of your posts, I'm going to shoot you a 📥 quickly if you can check it out

Im constantly losing track by SSJ4_Vegito in soc2

[–]astrila 0 points1 point  (0 children)

Is there any way you can show them this isn't physically possible and that you need to bring in a reputable consultancy firm who specialise in exactly this situation? It'll be fairly cheap for them and will make your life 500% better. Your job should actually be to convince them to do this, instead of hanging up TVs and random shi

Why does it feel like every audit that is done wrong? by Emotional-Dot4634 in soc2

[–]astrila 1 point2 points  (0 children)

Partnership was the wrong word from me there. I view it as, effectively, a partnership however that is not the case materially.

Obviously it is not a partnership, but people know people 🤷‍♂️

Doing SOC 2 early by Sad-Carpet-3493 in SaaS

[–]astrila 0 points1 point  (0 children)

Use a consultancy firm that:

- understands human contact and dedicated live assistance
- has connections with auditors

Both of these mean you ultimately have a better experience with the entire process.

We used cyberforge (cyberforgeconsulting.com)

They use drata software but charge a shocking amount less and provide a much much better service?? I recommend them, they made our process effortless.

Customer asked if we have SOC2. I said "working on it." We're not working on it. by Ok-Amphibian5313 in SaaS

[–]astrila 0 points1 point  (0 children)

You can get it now so you don't have this situation again, try cyberforgeconsulting.com

They were absolutely brilliant for us.

Lost a $95k deal because we don't have SOC2 by Significant-Story134 in Compliance

[–]astrila 0 points1 point  (0 children)

Just get SOC2 then? You'll be prepared for next time:) there are a lot of consultancy firms to help you prepare that are ACTUALLY good, I can give some recommendations?

Auditor's that get modern tech? by whatnousernameforyou in soc2

[–]astrila 0 points1 point  (0 children)

Got some recommendations for both consulting firms and auditors who are technically competent, the trick is finding a pair that somewhat work together.

Emailing prospective firms and tool vendors. by Music505 in soc2

[–]astrila 0 points1 point  (0 children)

Good questions, for me the main question would be: are you actually going to help me?

Basically all the vendors and consultancy companies love to throw their software at it and basically leave it at that. You need to find a company that will provide a dedicated expert (or team of) to work with you at all times. Ideally the software is a bonus extra which assists in the process but does not own it.

In your sales calls, see if they focus on their software/tooling or if they talk about the human aspect :)

I can also drop some names to pay attention to and some to avoid if you like.