SOC 2 AUDIT READINESS

Service Description

Audit readiness is an organizational project to prepare for an external audit such as SOC 2, Type II.

Our Methodology

Cyber Advisory Group will develop a tailored work breakdown structure, which may contain the following:
  1. Control Framework Development – Selection of Controls
  2. Policies & Procedures development
  3. Information Security Policy document
  4. Implementation (e.g. IT, HR, Security Tools) 
  5. Audit preparation
  6. System Description document
  7. Audit interaction
  8. Attestation Letter document
Note: Project plan will be developed at the start of each engagement.

Our Deliverables

In addition to the usual status updates and meetings, CAG will deliver written drafts of the following material:
  • System Overview Reference (scoping the boundary)
  • Project Plan (work breakdown, schedule, milestones)
  • Control Framework
  • Policy and Procedure artifacts
  • General Information Security Policy 
  • System Description
  • Pre-Audit Gap Analysis (if desired)
  • Audit Attestation Letter
REQUEST MEETING