Compliance Audit Intake

Select Services

Choose the compliance frameworks you need.

SOC 2 Type 1 Point-in-time

SOC 2 Type 2 Operating effectiveness

ISO 27001 ISMS Standard

ISO 42001 AI Management System

GDPR Data Protection & Privacy

HIPAA Healthcare Data Security

Company Profile

Provide your official corporate details.

Legal Entity Name

Company Address

Country

Postal Code

Website

Timezone

Company Size

Region

Key Contacts

Legal Signatory

Full Name

Title

Email Address

Phone Number

Point of Contact (Primary)

Full Name

Email Address

Phone Number

Billing Information

Billing Name

Billing Email

SOC 2 Type 1 “Point-in-time” Report

Please provide the following information.

When will you be ready for Type 1 audit?

Name of system(s) to be audited

One system per entry

Trust Service Criteria (TSC)

Security (mandatory) Availability Confidentiality Processing Integrity Privacy

Additional Controls / Standalone Compliance (Type 1)

HIPAA

GDPR

SOC 2 Type 2 Tentative Audit Period

Please provide the following information.

Start date of Type 2 observation window

Tentative observation end date

Name of system(s) to be audited

One system per entry

Trust Service Criteria (TSC)

Security (mandatory) Availability Confidentiality Processing Integrity Privacy

Additional controls / standalone compliance (Type 2)

HIPAA

GDPR

ISO 27001 – ISMS Scoping

This helps define your ISMS scope and certification readiness.

Objective of ISO 27001 engagement

ISMS Scope (systems, locations, teams)

Name of Locations to be included in scope

One location per entry

Risk assessment status

Are ISMS policies prepared?

Statement of Applicability (SoA)

Has management formally approved ISMS scope and objectives?

ISO 42001 – AI Management Readiness

This helps assess AI governance and compliance maturity.

Objective of ISO 42001 engagement

Number of AI systems or models in use

Primary AI use cases

One use case per entry

Does any AI system perform high-risk or regulated decisions?

AI risk assessment performed?

Are AI Management System policies prepared?

Human oversight defined for AI decisions?

HIPAA Compliance Readiness

This helps us understand how Protected Health Information (PHI) is handled and scope your HIPAA engagement.

Do you create, receive, store, or transmit PHI?

Your role under HIPAA

Where is PHI primarily stored or processed?

Types of PHI handled

One PHI type per entry

Are Business Associate Agreements (BAAs) in place with vendors?

Any security or privacy incidents involving PHI in the last 24 months?

GDPR Readiness Assessment

This helps define GDPR scope and data protection obligations.

Do you process personal data of EU/EEA residents?

Categories of personal data processed

Primary lawful basis for processing

Do you use third-party data processors?

Any cross-border data transfers outside the EU?

Data Protection Officer (DPO) appointed?

Audit Scope

Help us understand the size of your infrastructure.

Customer Information

Customer type

Existing customer New customer

Organization Details

Number of full time employees

Number of Contractual Employees

Number of physical server locations

Primary cloud provider

Number of internet-facing applications and APIs

Types of sensitive data handled

Risk & Change Assessment

Security incidents in the last 12 months?

Loss of key employees in the last 6 months?

Switching platforms or auditors?

Compliance & Readiness

Compliance automation tool *

Current readiness status

Additional Information

Industry type

Penetration testing required?

How did you hear about us?

Ready to Submit?

I confirm all information is accurate and complete.