Verification of Data Controls for SOC2 Type 2
Strong Authentication controls and vendor trust are no longer sufficient to satisfy ongoing monitoring component of SOC2 Type2
Ongoing Monitoring & Controls
SOC2 Type2 security assessment demands an active posture to monitor security and compliance controls. As more work shifts to 3rd Party SaaS applications, auditors are demanding tighter data governance for SaaS platforms
Autonomous Data Governance
1. Compliance
Establish data controls and access mechanisms with built in templates
2. Data Catalog
Knowledge-graph enabled deep search functionality for DSR or other usage information
3. Retention
Track when a document entered the data-stack and establish data lineage of usage
4. Remediation
Highly granular remediation of sensitive data at risk allows minimal supervision in tackling risks
5. Data Protection
No Code Policy Template allows non technical compliance teams to create and update data protection policies