Coral assists Subex to achieve SOC 2 Type 2 attestation
Subex is a telecom solution provider that Software solutions to Telecom customers
The process of SOC 2 Type 2 attestation involved taking the organization through the following steps (not exhaustive)
· Understanding the organization’s business and SOC 2 context
· Establishing business objectives
· Determining applicable trust principles
· Gap analysis against applicable SOC 2 point of focus/requirements
· 3 phase risk assessment
· Risk remediation support
· Documentation of policies, and procedures across multiple domains including production development, IT operations, business continuity, cyber security incident response, business continuity, human resources, physical security and supplier management.
· Testing controls for 3-6 months
· Training of all employees in the scope of SOC 2 implementation
· Internal Audit
With Coral’s support in SOC 2 implementation, the team in Subex was able to create a governance framework that ensured risks are tracked and monitored successfully.
Finally, an unqualified report from the CPA demonstrated the joint