SOC 2 Readiness

Sera-Brynn can help organizations prepare for a formal Service Organization Control (SOC) 2 audit based on the Trust Services Principles – security, availability, processing integrity, confidentiality, and privacy.

Using the Trust Services Principles and Criteria (TSP Section 100), Sera-Brynn will assess and advise on an organization’s cybersecurity posture in preparation for the independent accounting firm’s formal audit. 

During a typical SOC 2 Readiness engagement, Sera-Brynn will:

  • Advise on and document the scope of the upcoming SOC 2 audit;
  • Perform a technical vulnerability assessment, including internal and external scans for vulnerabilities;
  • Perform a NIST-based Risk Assessment to identify and document risk decisions;
  • Advise on how to remediate or compensate for any of the identified Trust Services Principles that need to be implemented before the formal SOC 2 audit is performed;
  • Prepare technical and information security remediation reports;
  • Assess and advise on SOC 2-compliant cloud-based solutions;
  • Recommend compliant “best practices”; and
  • Prepare documentation in a manner that aligns with the accounting firm’s needs.

Contact us for more information.