top of page
Our Approach to SOC 2
Advisory and Attestation Services
Definition
Define the scope and the Trust Services Criterion applicable to your organisation, by understanding your business operations, controls, and systems.
Gap Analysis
Identify your organisation’s shortfalls in comparison to the SOC 2 standards.
Awareness Training
Conduct a brief organisational SOC 2 awareness training program.
Asset Inventory
Identify and classify critical information assets in an asset inventory.
Risk Treatment
Rank the risks identified and help you strategise appropriate risk treatment measures.
Risk Assessment
Conduct a comprehensive risk assessment to identify weak areas and loopholes that could endanger your organisation’s critical assets.
Remediation Support
Our process and tech team will collaborate with your team for the policy rollout.
SOC2 Document Set
Create the policy and procedure document set with your team’s input and approval.
User Training
User training for all personnel detailing specific responsibilities. All training documents provided.
Pre-assessment
After a reasonable waiting period, a separate team of experts conducts a pre-assessment of your setup and measures implemented.
Attestation
Once all controls are in place, our US-based Certified Public Accountant (CPA) auditor will audit your processes to confirm adherence to the SOC 2 requirements.
Ongoing Support
If needed, we are happy to extend our support by offering our Managed Compliance Services to help your organisation stay certified.
bottom of page