.png)
.png)
SOC 2
Get audit-ready without slowing down your team.
​
SOC 2 covers your infrastructure, internal processes, documentation, people, and vendors. Most companies underestimate the scope until they are already behind.
​
IDT works with companies running production workloads on AWS and manages the full preparation process. We assess where you stand, implement and remediate what needs to change, build the documentation and evidence structure your auditor requires, and support you through the audit itself. The auditor is a licensed third party and we make sure they have everything they need to complete the engagement.
Solution
The Multi-Tenant AWS BI SaaS Platform - centered around Amazon QuickSight and Amazon Q - delivers real-time, interactive dashboards and predictive insights without the complexity of traditional BI tools.
Whether you're empowering internal teams or delivering embedded analytics to your customers, this scalable, serverless solution ensures secure, governed access for thousands of users. Eliminate the burden of high infrastructure and licensing costs. Empower your teams with self-service analytics, intuitive natural language querying, and accelerated insights - while significantly reducing costs.
Transform how your organization leverages data with a fully managed, AI-powered Business Intelligence platform built natively on AWS.
Unlock Smarter Decisions at Scale with AWS BI SaaS Powered by Amazon QuickSight & Amazon Q
What SOC 2 preparation actually covers
IDT covers the full scope across every area your auditor will examine:
Technical controls: Infrastructure security, access management, encryption, logging, monitoring, incident response, and vulnerability management across all in-scope systems.
Policies and procedures: Access control, change management, onboarding and offboarding, incident response, vendor management, and data classification, written and audit-ready.
Evidence structure: A centralised evidence repository covering logs, access reviews, training records, configuration exports, and control test results, organised to what your auditor will request.
Vendor and third-party management: Third-party risk review, vendor SOC report evaluation, and documentation of how external dependencies are managed within scope.
Internal processes and staff: Preparing control owners for auditor walkthroughs and documenting that processes operate as described.
Physical and environmental controls: Where colocation or physical infrastructure is in scope, relevant controls assessed and documented to meet TSC requirements.
We support both Type I and Type II engagements.
Solution
The Multi-Tenant AWS BI SaaS Platform - centered around Amazon QuickSight and Amazon Q - delivers real-time, interactive dashboards and predictive insights without the complexity of traditional BI tools.
Whether you're empowering internal teams or delivering embedded analytics to your customers, this scalable, serverless solution ensures secure, governed access for thousands of users. Eliminate the burden of high infrastructure and licensing costs. Empower your teams with self-service analytics, intuitive natural language querying, and accelerated insights - while significantly reducing costs.
Transform how your organization leverages data with a fully managed, AI-powered Business Intelligence platform built natively on AWS.
Unlock Smarter Decisions at Scale with AWS BI SaaS Powered by Amazon QuickSight & Amazon Q
The preparation process
We follow a structured four-step process that covers everything from initial scoping through to audit completion:
​
1. Scoping - TSC selection, system and vendor scope.
2. Gap assessment - Controls, policies, processes reviewed.
3. Remediation - Technical controls, policies and processes.
4. Personnel - Security training, roles and walkthroughs.
5. Evidence - Repository built, collection automated.
6. Readiness check - Pre-audit review, final gap closure.
7. Audit - Support and report.
Type 2
6-12 month observation
Type 1
Point-in-Time report
Solution
The Multi-Tenant AWS BI SaaS Platform - centered around Amazon QuickSight and Amazon Q - delivers real-time, interactive dashboards and predictive insights without the complexity of traditional BI tools.
Whether you're empowering internal teams or delivering embedded analytics to your customers, this scalable, serverless solution ensures secure, governed access for thousands of users. Eliminate the burden of high infrastructure and licensing costs. Empower your teams with self-service analytics, intuitive natural language querying, and accelerated insights - while significantly reducing costs.
Transform how your organization leverages data with a fully managed, AI-powered Business Intelligence platform built natively on AWS.
Unlock Smarter Decisions at Scale with AWS BI SaaS Powered by Amazon QuickSight & Amazon Q
- SOC 2 Type I or Type II achieved without building a permanent internal compliance function
- Full preparation across infrastructure, documentation, processes, and personnel
- Evidence structure that supports ongoing compliance, not just the current audit cycle
- Your team prepared and confident going into auditor walkthroughs
Operational Outcomes
Get audit-ready without slowing down your team.
​
SOC 2 covers your infrastructure, internal processes, documentation, people, and vendors. Most companies underestimate the scope until they are already behind.
​
IDT works with companies running production workloads on AWS and manages the full preparation process. We assess where you stand, implement and remediate what needs to change, build the documentation and evidence structure your auditor requires, and support you through the audit itself. The auditor is a licensed third party and we make sure they have everything they need to complete the engagement.
s
o
l
u
t
i
o
n
s
The risk to your business
IDT covers the full scope across every area your auditor will examine:
Infrastructure security, access management, encryption, logging, monitoring, incident response, and vulnerability management across all in-scope systems.
Technical controls
Access control, change management, onboarding and offboarding, incident response, vendor management, and data classification, written and audit-ready.
Policies and procedures
A centralised evidence repository covering logs, access reviews, training records, configuration exports, and control test results, organised to what your auditor will request.
Evidence structure
Third-party risk review, documentation of how external dependencies are managed within scope.
Vendor and third-party management
Preparing control owners for auditor walkthroughs and documenting that processes operate as described.
Internal processes and staff
Where colocation or physical infrastructure is in scope, relevant controls assessed and documented to meet TSC requirements.
Physical and environmental controls
The preparation process
We follow a structured four-step process that covers everything from initial scoping through to audit completion:
01
Scoping
TSC selection, system and vendor scope
02
Gap assessment
Controls, policies, processes reviewed
03
Remediation
Technical controls, policies and processes
04
Evidence
Repository built, collection automated
Type 1
Poin-in-Time Report
06
Audit
Support and report
05
Readiness check
Pre-audit review, final gap closure
OR
Type 2
6-12 month observation
Operational Outcomes
- SOC 2 Type I or Type II achieved without building a permanent internal compliance function
- Full preparation across infrastructure, documentation, processes, and personnel
- Evidence structure that supports ongoing compliance, not just the current audit cycle
- Your team prepared and confident going into auditor walkthroughs