Professional Documents
Culture Documents
The intent of this form is to gather initial information about your technology infrastructure and
intent so that we can properly plan a SOC 2 audit. All information provided in this form is
strictly confidential. Send completed forms to Steve Vasconcellos at:
svasconcellos@clarknuber.com.
Yes
No
4. What is driving compliance for you?
Immediate customer requirement
Staying ahead of customer requirements
Other – (please describe)
6. What criteria do you want included in your report? Select all that apply:
Security
Confidentiality
Integrity
Availability
Privacy
Not sure? Security is the minimum required criteria. Read more about the various criteria here.
3. How would you describe your system architecture? Select all that apply:
Monolith architecture on public cloud (e.g. AWS)
Virtual instances (e.g. EC2)
How many instances?
Serverless instances (e.g. Fargate)
Microservice architecture on public cloud
Orchestration of containers
How many containers? (General range is fine):
Serverless computing
On-premise physical servers or private cloud (including hybrid cloud models)
How many servers? (General range is fine):
Architecture comprising third-party business applications
Yes
No
3. Do you have common IT security policies in place (e.g., IT security, incident response,
business continuity)?
Yes
No
Some
4. What are your biggest security concerns? Can you describe them below?