Service

SOC 2 Scope Snapshot

Enterprise customer wants SOC 2. Before you spend $30K on auditors, you need to know what you're getting into. We define your scope, map your controls, and show you every gap.

10 business days
60+ controls mapped
Auditor-ready docs
Get Started — $2,490

This is for you if:

  • A big customer is asking for SOC 2 and you've never done it
  • You want to know the gaps before paying for an audit
  • A deal is stuck until you can show SOC 2 progress
  • You need to budget and plan for the full SOC 2 journey
60+
Controls mapped
10
Days delivery
5
TSC categories
100%
Auditor-ready

What you get

Trust Service Criteria Selection

Which TSCs you actually need—Security, Availability, Confidentiality, Processing Integrity, Privacy. Most companies only need 1-2.

System Boundary Definition

What's in scope, what's out. Clear documentation that auditors can understand and verify.

Control Mapping

60+ controls mapped to your environment. What you have in place, how it satisfies the criteria.

Gap Analysis

What's missing, what needs work, and specific recommendations to close each gap.

Sample SOC 2 Report Preview

Trust Service Criteria explained

SOC 2 has five categories. Security is required. The other four are optional. Most SaaS companies pick Security + Availability. We help you choose what actually makes sense for your customers.

Security
Required

Protection against unauthorized access

Availability
Common

System uptime and performance

Confidentiality
Sometimes

Protection of confidential data

Processing Integrity
Rare

Accurate and complete processing

Privacy
Sometimes

Personal information handling

Common questions

Type 1 or Type 2?

Type 1 is a point-in-time snapshot—controls exist on a specific date. Type 2 covers a period (usually 6-12 months) and shows controls worked consistently. Most buyers want Type 2, but you often start with Type 1.

How long does the full SOC 2 process take?

This snapshot takes 10 days. A full Type 2 audit typically takes 3-6 months total (observation period plus audit time). This package gets you ready to start that clock.

Do you do the actual audit?

No. Audits have to be done by a licensed CPA firm. We do the prep work so when you talk to auditors, you know exactly where you stand and what they'll find.

What if we're not ready for SOC 2?

That's fine—most companies aren't when they start looking into it. This snapshot tells you exactly what you need to fix before engaging auditors.

How much does a SOC 2 audit cost?

Auditor fees typically run $20K-50K for Type 2, depending on scope and firm. Our snapshot is $2,490 and helps you negotiate better with auditors because you already know your situation.

Know what SOC 2 will take before you commit.

We define your scope, map 60+ controls, and show you every gap. 10 days, $2,490. Then you can decide if and when to engage auditors.

Get Started