SOC 2 Security Controls
SOC 2 compliance requirements and auditing processes were developed to help organizations determine whether their business partners, vendors, and suppliers can securely manage data and protect the security of their clients. Sharing an annual SOC 2 report, that has zero exceptions identified, is the goal for the majority of organizations wishing to provide evidence to their customers or constituents that they take security seriously and have an effective program in place.
What’s included?
- SOC 2 Security Controls Assessment
- Risk Assessment for Environmental, Human, IT, and Business Risks
- Compliance Calendar and Real-Time Dashboards
- Policies, plans, and procedures for SOC 2 Security Controls
- Incident Response Management and Reporting
- Acknowledgement Tracking for Policies, Acceptable Use, Employee Handbooks, and more
- Business Continuity Strategy, Plan, Testing, and Reporting Templates
- Vendor Due Diligence Procedure, Automated Risk Ranking, Assessments, and Reporting
- Security Awareness: Annual, New Hire, Functional/Role-Based Training and Reporting
- Automated Weekly Status Reports and On-Demand Complete Assessment Reports