About this product
SOC 2 compliance bundle for SaaS, cloud, and managed services companies pursuing SOC 2 Type II certification. Covers: AICPA Trust Services Principles (Security, Availability, Processing Integrity, Confidentiality, Privacy), control framework design and testing, risk assessment and mitigation, control testing methodologies and evidence gathering, remediation tracking for audit gaps, Type I vs Type II differences and timelines, continuous monitoring and control maintenance, and year-round compliance procedures. Includes templates for control testing, remediation tracking, and management certifications.
What's included
- Trust Services Principles (CC, A, PI, C, P)
- Control framework design and implementation
- Risk assessment and mitigation templates
- Control testing methodologies
- Evidence gathering templates
- Remediation tracking spreadsheet
- Type I vs Type II audit timeline
- Continuous monitoring procedures
Who it's for
- SaaS and cloud services companies
- Managed services and IT service providers
- Startups preparing for SOC 2
- Organizations seeking customer trust certification
Licensing
Single-organization license. Customize controls for your services and infrastructure.
Related products
Compliance Crosswalks — Map Awareness Training to Your Framework
Defensible mappings of every ForgeAwareness product to NIST CSF 2.0, ISO 27001:2022, CIS Controls v8.1, SOC 2, PCI DSS 4.0.1, and HIPAA — plus 8 audit-evidence templates auditors actually accept.
PCI DSS Compliance Bundle
PCI DSS v4.0: 12 requirements, network architecture, encryption standards, audit readiness. For organizations processing payment card data.
Incident Response Playbook: Your First 5 Minutes
An 18-minute course for all employees on what to do in the first 5 minutes when you spot a security incident — how to report it, what NOT to do, and what happens next.