Assess your SOC 2 readiness across all five Trust Services Criteria — Security, Availability, Processing Integrity, Confidentiality, and Privacy. No signup, no install, no data leaves your browser.
This is a free, browser-based readiness checklist. Looking for full audit preparation? Our Pro Assessment Tool adds evidence tracking, gap analysis, ownership mapping, and executive reporting — all in your browser.
Need More?
The free tool is a browser-based readiness checklist. The Professional Toolkit is an Excel workbook built for full audit preparation.
| Feature | Free Tool | Professional |
|---|---|---|
| All 5 Trust Services Criteria | ✓ | ✓ |
| Progress tracking with visual indicators | ✓ | ✓ |
| Evidence notes per control | ✓ | ✓ |
| Save progress & export to CSV | ✓ | ✓ |
| Detailed control testing procedures | — | ✓ |
| Evidence tracker with control ownership | — | ✓ |
| Gap remediation planning | — | ✓ |
| Type I vs. Type II readiness guidance | — | ✓ |
| Auditor communication templates | — | ✓ |
| Executive dashboard with charts | — | ✓ |
Or get all tools: Complete Assessment Suite — $1,299
What's Included
Complete coverage of Security (Common Criteria), Availability, Processing Integrity, Confidentiality, and Privacy.
Visual indicators showing completion percentage by criteria and overall readiness status.
Attach notes and evidence references to each control point for audit preparation.
Mark each control as Not Started, In Progress, Implemented, or Not Applicable.
Save progress as JSON to continue later. Export results to CSV for reporting.
Runs entirely in your browser. No server connection required.
Methodology
SOC 2 examinations evaluate controls across five Trust Services Criteria defined by the AICPA.
| Code | Criteria | Description |
|---|---|---|
| CC | Security (Common Criteria) | Foundation for all SOC 2 reports — required for every examination |
| A | Availability | Systems are available for operation and use as committed |
| PI | Processing Integrity | System processing is complete, valid, accurate, and timely |
| C | Confidentiality | Information designated as confidential is protected |
| P | Privacy | Personal information is collected, used, and retained appropriately |
Getting Started
Click "Launch Tool" above. Everything runs in your browser — no data is sent anywhere.
Start with Security (Common Criteria) as it's required for all SOC 2 reports.
Mark each control point as Not Started, In Progress, Implemented, or N/A.
Document your current controls and evidence for each point.
Check your readiness percentage by criteria and overall.
Save as JSON to continue later, or export to CSV for your audit team.
Free Assessment Tools