Tools:

  • Compliance Dashboard
  • Create Custom Meetings and Link to SOC2 Criteria and Controls
  • Auditor Access and Exports
  • Employee Evaluations and Performance Plans (CC1.4/CC1.5/CC2.2)

Meetings:

  • Change Advisory Board (CC8.1)
  • Execute Review (CC1.2, Repeats frequently throughout SOC)
  • Board Meetings (CC1.2, Repeats frequently throughout SOC)
  • Security Steering Committee (CC1.2, Repeats frequently throughout SOC)
  • Business Continuity Plan Review (CC5.3/CC7.4/CC7.5)
  • Disaster Recovery Plan Review (CC5.3/CC7.4/CC7.5)
  • Business Continuity Test Retrospective (CC5.3/CC7.4/CC7.5)
  • Disaster Recovery Test Retrospective (CC5.3/CC7.4/CC7.5)
  • Sprint Retrospective (CC8.1)
  • Job Description Review (CC1.4)
  • Company Organizational Chart Review (CC1.3/CC3.4)
  • New Hire Review (CC1.4/CC6.2)
  • Department Meetings (CC1.2, Repeats frequently throughout SOC)
  • Team Meeting, e.g. server team (CC1.2, Repeats frequently throughout SOC)
  • Risk Assessment Retrospective (CC3.2)
  • Review Authorized Personnel Roles for Access to Data, Software, Functions, and Other IT Resources (CC4.1, CC6.2, CC6.3)
  • Review Personnel with Physical Access to Sensitive Locations (CC4.1, CC6.5)
  • Review Incident Response Procedures (CC7.3, CC7.4)
  • Incident Response Retrospective (CC7.4, CC7.5)

Checklists:

  • Employee Exit (CC6.2/CC6.3/CC6.5)
  • Employee New Hire (CC6.2/CC6.3)
  • Employee Onboarding (CC1.1/CC1.4/CC6.2/CC6.3)
  • Hardware Deployment (CC6.1/CC6.6/CC6.8)
  • Security Policies (CC1.2/CC2.1)
  • Security Awareness Training (CC1.4/CC1.5)
  • Vendor Management Assessments (CC3.2, CC9.2)