Self-assess your SOC 2 readiness against the AICPA Trust Services Criteria. Score the always-required Security / Common Criteria (CC1–CC9), add any optional categories (Availability, Processing Integrity, Confidentiality, Privacy), and get an overall readiness percentage, the criteria in scope and a prioritised gap list. Exports to Word and CSV.
Security (the Common Criteria) is always in scope for every SOC 2 examination. Select any additional categories that apply to the commitments you make to customers.
For each representative control, choose its current state: Implemented, Partial, Not implemented, or N/A. Scoring: Implemented = 100%, Partial = 50%, Not implemented = 0%; N/A items are excluded from the score.
⚠️ This is a self-assessment aid based on the AICPA Trust Services Criteria (TSP section 100, 2017, with revised points of focus 2022) — it is not a SOC 2 attestation, certification or audit. Only an independent licensed CPA firm can perform a SOC 2 examination and issue a report. The control items here are representative, not the full criteria or points of focus; use the result to prioritise your gap remediation, then engage a qualified auditor.