SOC2 IS ABOUT TO GET A LOT SIMPLER

Starting SOC2 can be intimidating- the requirements are broad, open to interpretation, legally complex, & require input from nearly every team. We built Comply to make the process easy: policy templates that already include best practices & convenient workflow.

GOT QUESTIONS?

Join Comply's Slack channel

Connect with peers

Swap notes with other teams pursuing SOC2 compliance.

Learn from experts

Take part in exclusive Q&As with compliance experts every week.

Get practical advice

Get feedback as you author policies and manage rollout

join-slcck-channel

CONTRIBUTORS

michael_dasilve_headshote

MICHAEL DASILVA

YEXT | INFOSEC MANAGER

jonathan_hunt_invision

JOHNATHAN HUNT

INVISION | VP INFOSEC

tom_miller_braze

TOM MILLER

BRAZE | INFOSEC MANAGER

danny_graves

DANNY GRAVES

SPLUNK | SR MANAGER INFOSEC POLICY

david_aderonpe

DAVID ADERONPE

SPLUNK | SR MANAGER SECURITY RISK ASSURANCE

ONLINE CLASS

Learn how to avoid common mistakes during SOC2. We turned our notes into an online class.

  • Downloadable SOC2 project plan
  • 64 Lessons
  • 2 hours of content
teaser-video-image
hsc-2

GET STARTED IN SECONDS

Comply is a statically compiled website to help you write policies & manage the entire SOC2 lifecycle

$ brew tap strongdm/comply; brew install comply

  • 30 policy templates
  • Easy to edit in markdown
  • Convenient integrations with Jira & Github

CONVENIENT POLICY TEMPLATES

Do not waste time authoring policies from scratch. Comply's templates already include best practices and are easy to edit in markdown.

  • 30 policy templates
  • Easy to edit in markdown
  • 1-click to publish PDF exports
dcp 524x350
diff-524x350

VERSION CONTROL

Easily collaborate and track changes to policies using Github.

  • Review & approve changes
  • Audit log of every edit

RUN

One dashboard to assign tasks, monitor status, & track versions of each policy.

  • Auto-schedule compliance tasks
  • Create tickets and assign tasks via Jira integration
  • Monitor task status in dashboard
  • Define delivery dates and project timeline
dashboard

CONTRIBUTED BY:

strongdm-logo-white

The purpose of Comply is to provide SOC2 best practices & easy to adopt tools.