If you’re leading SOC 2 compliance at your organization, this course is for you!

The most comprehensive masterclass for SOC 2 out there and the ONLY dedicated SOC 2 Master Implementer Certification in existence. 

P.S. Earn CPE hours by completing this course! Oh, and it’s free.
SOC 2 Academy with Scytale

Course curriculum

  1. What is SOC 2 compliance?
  2. AICPA COSO Framework
  3. Trust Service Criteria (‘TSC’) and Point of Focus
  4. Audit Timeline & period
  5. Certification bodies
  1. Defining the scope
  2. Creation of ‘System Description’
  3. Types of Controls 
  4. Gap Analysis
  5. Identifying Gaps and Remediation
  6. Creation and Mapping of Controls
  7. Choosing the Auditing Firm
  1. Control Environment
  2. Risk Assessment
  3. Monitoring Activities
  4. Control Activities
  5. Logical and Physical Access Controls
  6. System Operations
  7. Change Management
  8. Risk Mitigation
  9. Additional Criteria for Availability
  10. Additional Criteria for Confidentiality
  11. Additional Criteria for Processing Integrity
  12. Additional Criteria for Privacy
  1. Shared Responsibility Model
  2. Key Stakeholder Identification
  3. Technical, Procedural, and Administrative Controls Implementation
  4. Prioritization
  1. Policies and Procedures
  2. Passwords and MFA
  3. Risk Mitigation
  4. Risk Assessment
  5. User Access Review
  6. Security Awareness Training
  7. Security Risk Vs Security Vulnerabilities
  8. Endpoint Management and Anti-Malware
  9. Assets Mapping and Classification
  10. Human Resources
  11. Maintenance, Monitoring, and Analysis of Audit Logs
  12. Data Breaches and Disclosures
  13. Crisis Management
  14. Segregation of Duties and Least Privilege
  15. Change Management
  16. Internal Audit
  1. Audit Principles and Concepts
  2. Preparation of Audit
  3. Trust but Verify Approach – Audit Evidence
  4. Types of Audit Procedures Performed
  5. Documentation
  1. Automation of Controls
  2. Real-time Identification of Non-Compliance Issues
  3. Response and Records of Non-Compliance Issues
  1. Communication During An Audit
  2. Audit Procedures and Evaluation of Evidence – Auditors’ Point of View
  3. Drafting Audit Plans
  4. Audit Findings and Deviations
  1. Audit Closing Procedure
  2. Organizing a Closing Meeting and Stating The Conclusion of The Audit
  3. Auditors Opinion Results
  4. Deviations and Management’s Response
  5. Complementary User Entity Controls (CUECs)
  6. Sub Service Organizations Carved Out Controls
  7. Corrective Action Plans For The Following Audit Cycle
  8. Marketing Aspects and Logo Use

Meet our instructors:

Kyle Morris

Kyle is a former KPMG Analyst, now serving as a Senior Compliance Success Manager at Scytale, helping SaaS companies live out the compliance dream.

Wesley Van Zyl

After 4 years at Deloitte, Wesley is currently a Compliance Success Manager at Scytale, where he helps SaaS companies streamline their security compliance.

About this course

Geared towards CISOs, CTOs and Compliance Officers, leading the SOC 2 project in their organizations, this free SOC 2 masterclass provides a comprehensive overview of the fundamentals surrounding SOC 2 compliance. 

Upon course completion, you will be awarded a SOC 2 Master Implementer Certification, as well as earn CPE hours.

Why should you start SOC 2 compliance training today?

SOC 2 compliance is crucial for cloud-based products to ensure security of their customer data and boost trust. But the reality is, SOC 2 is made up of complex terminology, lengthy processes, loads of requirements and a whole lot of admin, that only those experienced in SOC 2 really understand.
Most organizations and those leading the SOC 2 compliance project, lack the expertise and knowledge of this security framework. Unless you are in the field of information security and compliance, it is very unlikely that you fully understand how SOC 2 compliance works, what exactly is required, what the process entails, and the list goes on.
SOC 2 compliance also gets quite technical with the required policies, procedures, controls and specific criteria relevant to your particular organization. You probably have asked yourself,

“Where do I even start?”

This is where our SOC 2 Academy comes in. This course is a comprehensive compliance masterclass that equips you with the skills and in-depth knowledge to successfully lead your organization’s SOC 2 compliance project and be fully prepared for your audit.

So why should you start SOC 2 audit training today?

Here’s just a few of the main reasons:

Gain a thorough understanding of SOC 2 compliance and its requirements

Be informed on the process of SOC 2-readiness and the official audit

Gain the skills needed to lead your organization’s SOC 2 compliance project

Develop the knowledge needed to undergo SOC 2 and achieve compliance

Who can apply for free SOC 2 training?

Simply put, ANYONE! We created this course so people can become educated in the fundamentals of SOC 2 compliance and fully understand all the nitty gritty details

But we know if you do not need to learn about SOC 2, you probably won’t. And that’s why when we got the brilliant idea of a SOC 2 Academy, we specifically had in mind those leading the SOC 2 compliance process in their organization. CISOs, CTOs, compliance officers or SOC 2 first-timers, in need of the ultimate SOC 2 crash course, the SOC 2 Academy is calling your name!



  • Omer Rimoch - CTO PayEm

    Omer Rimoch CTO PayEm

    Scytale exceeded our expectations. We continued operating as normal during our audit preparation. Our SOC 2 workflows were super organized, which made it the smoothest process we could have asked for.

  • Yaron Lavi - CTO, Deel

    Yaron Lavi CTO, Deel

    Our SOC 2 audit preparation was smooth sailing. Scytale streamlined the process by providing expert-driven technology. They shared valuable insights about our security systems so we can better protect our customers’ data.

  • Tal Kollender - CEO, GYTPOL

    Tal Kollender CEO, GYTPOL

    We couldn’t have undergone our SOC 2 audit without Scytale. Their team and smart automation made the process simple and timesaving. We gained valuable knowledge about our security systems and had fun working together.