TalPoint provides hands-on guidance and implementation for SOC 2 Type 2 designed to meet the 2017 Trust Service Criteria published by the AICPA. The services prepare an organization to undergo a Type 2 audit by a CPA organization against these criteria, with the goal of obtaining a SOC 2 Type 2 report.
Who Can Use This?
Service organizations wishing to provide an independent attestation of their security controls for its customers can benefit from these services. Obtaining a “clean” SOC 2 report for the first time can be a daunting task for any organization, especially those organizations who have not yet defined an internal security and compliance program. TalPoint Experts use a proven approach to implement the required aspects of a security and compliance program that will meet the AICPA Trust Service Criteria. Additionally, the program will create a foundation that organizations can use to build on for future GRC initiatives.
- Determination of scope and applicable Trust Service Principles
- Talpoint proprietary sample control set
- Implementation and documentation of controls
- Internal preparation audit
- Identification of necessary remediation activities
- Setup of ongoing activities required by a Type 2 audit
Additional add-on services include:
- Implementation of TalPoint policy set
- Managed ongoing internal audit services
- External audit liaison services
Services are delivered remotely by experienced TalPoint experts. On-site services can be delivered at an additional cost to accommodate necessary travel and expenses.
Services are delivered at a Fixed-Price model and based on defined outcomes. Exact pricing is dependent upon the scope of the environment being assessed for SOC 2 compliance.