I’ve been tasked to design a roadmap for our team to achieve “audit readiness” by August. Our team is me, a marketer (with a little experience responding to security questionnaires in sales deals), our director of engineering, a scrum master). How would I assign areas of responsibility to each person and how much personal time would you expect each contributor to invest? Also, is there a logical flow to get the job done?
SHARE THIS TOPIC
Ask a Question
Join the conversation
Log in with your TrustCloud credentials and get started.
Start by establishing your tech stack, incorporating the essential tools and services that need to be in scope for SOC2. Next, set up all integrations available to facilitate the automated collection of evidence. Once this is completed, you can start to review the policies and controls available in your program. You can find a SOC2 overview and Guide if you follow this link https://community.trustcloud.ai/docs/grc-launchpad/soc-2/how-to-get-started-with-soc2/preparing-for-a-soc-2-audit/
A great way to divide the work between you and your team is by using the ‘Groups’ page. Check this article out to learn more about groups https://community.trustcloud.ai/docs/trustops/groups/