- Understand whether you need a SOC 2 Type I or Type II audit
- Assign stakeholders and owners from every team in your company
- Create your compliance program with controls, policies, and procedures required for SOC 2 compliance
- Implement your controls and collect evidence to prove compliance