Welcome to part four of SOC 2 Bootcamp, covering everything involved in the audit process, including understanding your report and how to use it!
Quick bootcamp run down—we borrowed Bluth Company and Associates from Arrested Development. Monica works for Bluth Company and is getting their SaaS product, the Banana Stand, SOC 2 compliant.
In SOC 2 Bootcamp Part 1: Scoping and Auditor Selection, Bluth Company kicked off its SOC 2 journey. Monica has internal buy-in, selected an auditor, defined Trust Service Categories, completed scoping and wrote their Service Organization’s Description of Controls.
The second webinar, SOC 2 Bootcamp Part 2: Policies and Controls, focused on the meat of SOC 2, the policies and controls. We dove into a handful of policies required for SOC 2, what’s involved and the necessary controls to stay compliant.
SOC 2 Bootcamp Part 3: Evidence Collection concentrated on collecting evidence to show compliance with controls and policies. We looked at some evidence collection automatically and other evidence that requires manual
Read the article