This four-day course develops the skills needed to implement, manage, and improve SOC 2 compliance programs. It explains the SOC 2 framework and Trust Services Criteria, then guides participants through scoping, risk management, policy development, and control implementation. The program covers incident management, business continuity and disaster recovery, audit readiness, monitoring, reporting, and continual improvement. It prepares participants to support SOC 2 audits and to demonstrate effective management of security and privacy controls. The course aligns with the PECB Certified Lead SOC 2 Analyst certification exam.
Upcoming dates you can join soon.
This course runs multiple times per year, onsite and online.
Interpret SOC 2 requirements from an analytical view
Plan and implement SOC 2 security measures
Operate and monitor SOC 2 controls
Prepare organizations for SOC 2 audits
“Henri perfectly filled in the gaps in our knowledge and tailored the course contents to our difficult schedules, many thanks !”
Simon Baynes
BCMS manager
MSC MEDITERRANEAN SHIPPING COMPANY SA
“Henri and Alexis conducted a focused, intensive four-day ISO/IEC 27001 Lead Implementer Course of immediate relevance to The Global Fund. Participants representing both IT and Risk are now better prepared to design and operationise a corporate ISMS.”
Andreas Tamberg
Senior advisors enterprise risk management
The Global Fund
“Overall enjoyable training. To the point end trainer kept clear focused.”
Stephane Di Bari
Service operations manager
UNICC
Get instant answers to common questions about this course from our expert trainers.
SOC 2 focuses on controls related to security, availability, processing integrity, confidentiality, and privacy. It evaluates how organizations manage and protect information systems handling sensitive data.
“SOC 2 evaluates how organizations protect and manage information systems.”
Expert Trainer
Preparation involves defining scope, identifying gaps, implementing controls, and collecting evidence that demonstrates control operation. Ongoing monitoring and reporting support audit readiness.
“Audit readiness comes from consistent control operation and evidence.”
Expert Trainer
The exam is delivered online, lasts three hours, and is organized into five competence domains covering SOC 2 principles, criteria, planning, implementation, and monitoring.
“The exam follows the SOC 2 implementation and monitoring lifecycle.”
Expert Trainer
Day 1 introduces information security standards, the SOC 2 framework, Trust Services Criteria, and how to define scope and analyze SOC 2 requirements.
“Clear scope and criteria understanding set SOC 2 direction.”
Expert Trainer
The course combines lectures with real-case examples, case-study-based exercises, review activities, and a practice test aligned with the certification exam.
“SOC 2 capability grows through applied control practice.”
Expert Trainer
Browse every upcoming session for this course.
Quick navigation to course sections
Necessary cookies are always active. You can accept, reject non-essential cookies, or customize your preferences.