The AICPA issues the Trust Services Criteria (TSC) that outlines COSO objectives to be implemented by organizations wishing to issue a SSAE18 SOC 2 report. The TSC defines objectives within the following domains.
Organizations that implement SOC 2 are required to design a set of controls to meet the TSC objectives and generate their management attestation and system description report.
More and more organizations are requiring service providers to comply with SOC 2 and issue reports as it helps them understand the security posture of their providers control environment and service.
It is often a competitive advantage to sell more services over their competition for providers that do not have SOC 2 certification.
System Description Template
SOC 2 Control Scorecards
Audit program
Evidence repository
Agility is pre-configured with all the tools and templates you need to implement your SOC 2 program.
Easily track program status, control compliance, document status and remediation all within your or Ekko hosted Atlassian Cloud instance.
Agility provides you everything you need to start your SOC 2 program
Pre-built SOC 2 compliant policy templates
Establish your control baseline and program starting point
SOC 2 requires an external CPA firm to conduct your certification audit
Agility provides you all the tools to implement, track and remediate your Information Security program
Conduct your Internal readiness assessment inside Agility
Conduct your SOC 2 certification audit with your selected registrar audit firm
Agility helps you maintain your ISMS