Sera-Brynn can help organizations prepare for a formal Service Organization Control (SOC) 2 audit based on the Trust Services Principles: security, availability, processing integrity, confidentiality, and privacy.
Using the Trust Services Principles and Criteria (TSP Section 100), Sera-Brynn will assess and advise on an organization’s cybersecurity posture in preparation for the independent accounting firm’s formal audit.
During a typical SOC 2 Readiness engagement, Sera-Brynn will:
- Advise on and document the scope of the upcoming SOC 2 audit;
- Perform a technical vulnerability assessment, including internal and external scans for vulnerabilities;
- Perform a NIST-based Risk Assessment to identify and document risk decisions;
- Advise on how to remediate or compensate for any of the identified Trust Services Principles that need to be implemented before the formal SOC 2 audit is performed;
- Prepare technical and information security remediation reports;
- Assess and advise on SOC 2-compliant cloud-based solutions;
- Recommend compliant “best practices”; and
- Prepare documentation in a manner that aligns with the accounting firm’s needs.
Contact us for more information.