Browse categories
Explore
Fiverr Pro
English
$
USD
I will perform soc 2 readiness assessment and gap analysis
Lou H
About this gig
We help fintech and technology companies assess their readiness for SOC 2 by organizing existing processes, identifying control gaps, and structuring a clear path forward. If your documentation is incomplete or scattered, thats completely finethis engagement is designed to work with whatever you currently have.
We review policies, controls, and supporting materials (including spreadsheets, exports, notes, and screenshots), then map your environment to SOC 2 criteria. From there, we identify missing or incomplete controls, assess risk levels, and provide a structured deliverable outlining your current state.
This is a readiness-focused assessmentnot a full audit or implementationbut it gives you a clear, organized view of where you stand and what needs attention. Ideal for startups and growing teams in fintech, SaaS, or regulated environments that need clarity before moving into full SOC 2 compliance.
Get to know Lou H
Lou H
Governance, Risk Compliance GRC Analyst
- FromUnited States
- Member sinceMar 2024
- Avg. response time3 hours
Languages
English
Detail-oriented audit professional with experience supporting risk, compliance, and
control environments across financial, IT, and operational processes in multiple
industries. Experienced in process walkthroughs, control
evaluations, and risk-focused audit testing to support effective governance and
financial reporting integrity.
SOX Internal Control Testing
FRB / OCC / CFPB Regulatory Guidance
Audit Sampling & Substantive Testing
PeopleSoft • Trintech • CaseWare • Power
BI • Alteryx • EY Canvas
FAQ
What is included in the scope of this assessment?
This assessment covers a focused set of systems, processes, or control areas (typically up to 3–5, depending on complexity). Scope is determined based on your environment and the materials provided. Additional scope can be added if needed.
What counts as a “system” or “area”?
A system or area can include applications (e.g., AWS, CRM), business processes (e.g., financial controls, access management), or environments.
What if my environment is larger or more complex?
No problem—this is common. We can expand the scope to include additional systems or processes through add-ons or a custom engagement.
Do I need to have everything organized before starting?
No. You can share documentation in any state—even if incomplete or unstructured. I will organize, map, and identify gaps as part of the process.
What will I receive at the end?
You’ll receive a structured assessment including: Control mapping to SOC 2 criteria Identified gaps and risk areas A clear, organized workbook of findings
