Slide 3

Your Path to SOC 2 Compliance

An overview of what you need to achieve SOC 2 compliance in your company.

Course Detail

This course teaches you how to work towards your SOC 2 attestation. Including how to prepare for an audit on your own or with the help of a consultant, and using compliance automation software.

Course Features

Leonardo Sot - Instructor

Leonardo Soto


Leonardo is an IT management professional focused on cybersecurity, compliance and digital transformation. His expertise includes IT project management, digital transformation, and preparing companies for information security audits, such as SOC 2, ISO 27001, and HIPPA.

Course Synopsis

Upon the successful completion of this course, each participant will possess the skills and knowledge to support any business organization in project plan for a SOC 2 certification. 

This unique training is unlike any training offered to employees and managers in the area of information security. Successful ‘graduates’ will become coveted amongst companies for their specialized knowledge of compliance, information security, and privacy. 

Having employees with this specialized knowledge also helps companies keep information safe. This training assists in raising the level of information security in the companies they work.

Course Content

5 days • 20 hours of instructor-led clasess
8:00 AM to 12:30 PM – Instructor Led
On Day 1, the participants will learn the challenges of preparing for a SOC 2 audit in-house, what resources they need, and how this activity will impact the company’s day-to-day operations. On the other hand, we will explore hiring a consultant to lead the project and how this could speed the process and reduce costs.

Learning outcomes

  • Can we do it in-house, or do we need a consultant?
Unit 01 – Can You Get Ready For Your SOC 2 Audit on Your Own?
  • Important Reminders For Working Towards SOC 2 Internally
  • Pros of Preparing for Your SOC 2 Audit in-House
  • Cons of Preparing for Your SOC 2 Audit in-House
Unit 02 – Is Using a SOC 2 Consultant Right For You?
  • Benefits of Preparing for your SOC 2 Audit Using a Consultant
  • Challenges of Preparing for your SOC 2 Audit Using a Consultant
Activities and Exercises
2:00 PM to 4:00 PMIndependent work
  • Analyse the pros and cons of preparing for SOC 2 in-house
8:00 AM to 12:30 PM – Instructor Led
On Day 2, the participants will learn the pros and cons of automating the SOC 2 Compliance process. We will analyze the criteria for selecting SOC 2 Compliance software and services. We will lead a discussion on the need for continuous compliance and the different roles and responsibilities to achieve it.Learning outcomes
  • Criteria for selecting a SOC 2 Compliance Software-as-a-Service solution
  • How to keep the company compliant
  • Who is responsible for compliance in the company?
Unit 03 – What Is Compliance Software? Should You Use It?
  • Benefits of SOC 2 Compliance Automation
  • Downsides of Automation of SOC 2
  • Criteria for Selecting SOC 2 Compliance Software
Unit 04 – Continuous Compliance
  • Why You Need Continuous Compliance
  • Roles and Responsibilities in a Continuous Compliance Scenario
Activities and Exercises
1:00 PM to 4:00 PMIndependent work
  • Define roles and responsibilities for SOC 2 Compliance in your company


8:00 AM to 12:30 PM – Instructor Led
On Day 3, the participants will learn about auditors. We will explore the different types of auditing firms and the benefits and issues when engaging with an auditor. We will also address the recertification process.

Learning outcomes

  • Understanding of the auditing landscape
  • Criteria to choose the right auditor

Unit 05 – The Auditing Firms Landscape

  • Benefits and Issues Engaging The Big 4 Auditing Firms
  • Benefits And Issues Engaging A Mid-Tier Auditing Firm
  • Benefits and Issues Engaging A Boutique Auditing Firm
Unit 06 – Finding The Right Auditor
  • Which Auditor Is Right For You?
  • Criteria For Finding The Right Auditor
Activities and Exercises
2:00 PM to 4:00 PMIndependent work
  • Review your cyber insurance policy to find cost saving opportunities with a SOC 2 Certification


On Day 4, the participants will learn how to use the SOC 2 Certificate to win more business. We will show how the information and evidence collected during the SOC 2 process can be used to respond faster to RFP questionnaires and to lower the cost of cyber insurance policies. Finally, we will talk about keeping the SOC 2 certification current and how to prepare for a SOC 2 recertification.

Learning outcomes

  • Using the SOC 2 Certificate as a marketing tool
  • Responding to RFPs and cyber security questionnaires with the information gathered during the certification process
  • How to approach the recertification process
Unit 07 – Using your SOC 2 compliance certificate
  • The SOC 2 Certification seal
  • RFPs and cyber security questionnaires
  • Building trust with a SOC 2 Certification
Unit 08 – Preparing for the next cycle
  • When To Recertify For SOC 2
  • Steps For Recertification
Activities and Exercises
2:00 PM to 4:00 PMIndependent work
  • Review your website to plan for a “SOC 2 Certified” page
  • Determine the best time of the year to recertify the company
8:00 AM to 12:00 PM – Instructor Led
On Day 5, the participants will utilize all of the knowledge acquired throughout the training to create a project plan for SOC 2 Type 2 certification.

Learning outcomes

  • SOC 2 Certification project plan

Unit 09 – SOC 2 Certification Project Plan

  • The Business Case
  • Defining a Scope
  • Identifying Risks
  • Reviewing and Re-Writing the Policies
  • Creating a Budget
  • Finding an Auditor
  • Marketing with your SOC 2 Certification

Students are also Interested in:

The whole team felt a lot of pride going through the SOC 2 training. It gave us a sense of accomplishment. As a business, we felt ready to tackle a difficult and confusing subject. SotoNets training made it easy.
COO Fable

Ready To Grow Your Business?

Do you have a digital transformation strategy? We are here to help transform your business into an efficient workplace without the constraints of office space. We empower your employees to work from anywhere with the right tools to get the job done.