02Compliance

Compliance & Security

Audit-ready in weeks, not quarters.

SOC 2, ISO 27001, GDPR, and HIPAA readiness — evidence collection, gap remediation, and audit preparation end-to-end.

Book a free discovery call See pricing

Outcomes

What you'll walk away with.

SOC 2 Type I ready in 6–8 weeks for typical AWS-native SaaS

ISO 27001, HIPAA, and GDPR readiness covered by the same control set

All evidence automatically collected and dated — no screenshots-in-a-spreadsheet

We sit beside you in auditor calls so answers are consistent and technical

Scope

What we deliver.

Every engagement is scoped in writing before work starts. Nothing in the list below is a rough promise — each item is a concrete deliverable with acceptance criteria.

Gap assessment & risk report
Control remediation delivery
Evidence pack preparation
Auditor liaison support

How we work

Our process.

Gap assessment

A two-week dive across your AWS account, code, and policies — scored against the relevant control set.

Remediation plan

Every gap gets an owner, a fix, and a deadline. We deliver code for the ones you want us to handle.

Evidence automation

We instrument control checks (AWS Config, Security Hub, custom scripts) so evidence collects itself.

Audit prep

We package evidence into an auditor-ready pack and join the audit calls with you.

Pricing

Fixed scopes, honest timelines.

SOC 2 readiness from $14,500 fixed-fee, or bundled into a compliance retainer from $7,500/month.

Talk to an engineer See all pricing

FAQ

Questions we get asked.

Which frameworks do you cover?

SOC 2 (Type I and II), ISO 27001, GDPR, HIPAA, and Cyber Essentials. The underlying control set overlaps significantly — we map once and reuse evidence.

Do you act as the auditor?

How does iFu Comply fit in?

Also worth a look