Risk Topics
 
 
 

How to prepare for a SOC-2 audit

2015.03.28

Preparing for a SOC-2 audit can be daunting, but it's an undertaking in change management that can follow established practices towards predictable outcomes. Rather than a re-hash of the well-worn subject of project management, this section will be a how-to in the specific change arena of becoming an audited service organization. It's assumed that the reader is already familiar with the concepts in the "why" and "what" sections in the menu above, and already possesses:

If not, please please make sure you consider the "why" and "what" questions first. This will save you from enormous amounts of rework down the road, and will arm you with the things you need to succeed: a motivating sense of purpose; executive buy-in; and a yard-stick to measure progress.

The following articles are a collection of thoughts on beginning the actual work.

© 2013 - 2018 werneburg information risk management inc.