soc2-compliance-expert
Installation
SKILL.md
SOC 2 Compliance Expert
SOC 2 Type I and Type II compliance management covering all Trust Services Criteria (TSC), infrastructure security validation, evidence collection, and end-to-end audit preparation.
SOC 2 Overview
Type I vs Type II
| Aspect | Type I | Type II |
|---|---|---|
| Scope | Design of controls at a point in time | Design AND operating effectiveness over a period |
| Duration | Single date (snapshot) | Observation period (3-12 months, typically 6-12) |
| Cost | $20K-$60K (first audit) | $40K-$150K (first audit) |
| Timeline | 1-3 months | 6-15 months (includes observation period) |
| Customer Preference | Early-stage acceptable | Enterprise customers require |
Start with Type I to validate control design, then transition to Type II within 6 months.
Related skills