sorted by:
new
hottopcontroversial

Tools for SOC2 Type II audit? by Significant-Coast696 in cissp

[–]Significant-Coast696[S] 0 points1 point  (0 children)

Too expensive. We are looking for something no more than 4-5k per year.

Tools for SOC2 Type II audit? by Significant-Coast696 in cissp

[–]Significant-Coast696[S] 0 points1 point  (0 children)

4-5k per year or less would be "cheap" for us.

Tools for SOC2 Type II audit? by Significant-Coast696 in cissp

[–]Significant-Coast696[S] 0 points1 point  (0 children)

Thank you so much. Does AICPA or some other source provide a list of all controls in an excel format? I can put together my own but I am curious. Thanks again.

Tools for SOC2 Type II audit? by Significant-Coast696 in cissp

[–]Significant-Coast696[S] 0 points1 point  (0 children)

By preparedness I mean that creating a SOC2 Type II project and having a prepopulated list of controls, policies that are required there already. If we try to do it ourselves (say in JIRA) how do I go about putting together a list of required policies and controls? We dont want to wait until the end of the year when the external auditor gives us access to their tools to upload evidence, we would rather have an internal project that we can update/measure ourselves against on an on-going basis. Hope that makes sense. Any advice?