Skip to content

adamdecaf/SOC2

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

37 Commits

narratives

narratives

 
 

nginx

nginx

 
 

output

output

 
 

policies

policies

 
 

procedures

procedures

 
 

standards

standards

 
 

templates

templates

 
 

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

Dockerfile

Dockerfile

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

TODO.md

TODO.md

 
 

comply.yml

comply.yml

 
 

makefile

makefile

 
 

renovate.json

renovate.json

 
 

Repository files navigation

Moov SOC2 Audit Documentation

Build Status Apache 2 licensed

This repository consolidates all documents related to Moov's SOC2 audit and compliance policies using strongdm's comply framework.

Structure

narratives/     Narratives provide an overview of the organization and the compliance environment.
policies/       Policies govern the behavior of employees and contractors.
procedures/     Procedures prescribe specific steps that are taken in response to key events.
standards/      Standards specify the controls satisfied by the compliance program.
templates/      Templates control the output format of the HTML Dashboard and PDF assets.

Building

First you'll need to install comply and then run make build.

Publishing

The output/ directory contains all generated assets. Links in the HTML dashboard a relative, and all dependencies are included via direct CDN references. The entire output/ directory is copied into our moov/soc2 docker image and served with nginx.

Dashboard Status

Procedure tracking is updated whenever comply sync is invoked. Invoke a sync prior to comply build to include the most current ticket status.

Procedure Scheduler

Any procedures/ that include a cron schedule will automatically created in your configured ticketing system whenever comply scheduler is executed. The scheduler will backfill any overdue tickets.

Getting Help

channel info
Google Group moov-users The Moov users Google group is for contributors other people contributing to the Moov project. You can join them without a google account by sending an email to moov-users+subscribe@googlegroups.com. After receiving the join-request message, you can simply reply to that to confirm the subscription.
Twitter @moov_io You can follow Moov.IO's Twitter feed to get updates on our project(s). You can also tweet us questions or just share blogs or stories.
GitHub Issue If you are able to reproduce a problem please open a GitHub Issue under the specific project that caused the error.
moov-io slack Join our slack channel to have an interactive discussion about the development of the project.

Contributing

Yes please! Please start by reviewing our Code of Conduct.

You only have a fresh set of eyes once! The easiest way to contribute is to give feedback on the documentation that you are reading right now. This can be as simple as sending a message to our Google Group with your feedback or updating the markdown in this documentation and issuing a pull request.

License

Apache License 2.0 See LICENSE for details.

About

SOC2 Controls and Policies

moov.io

Resources

Readme

License

Apache-2.0 license
Activity

Stars

4 stars

Watchers

2 watching

Forks

4 forks
Report repository

Releases

1 tags

Packages

No packages published

Contributors 2

  •  
  •  

Languages