SOC 2 Processing Integrity Readiness Checklist
Use this checklist to prepare for a SOC 2 audit focused on the “Processing Integrity” Trust Services Criteria (TSC). For each control, ensure you have the proper evidence and corresponding policy in place.
SOC 2 Control | Evidence to Provide | Relevant Policies |
PI1.1 System Specifications | Requirements documents, system design documents, and business process flows. | Systems Requirements Policy |
PI1.2 Input Validation | Screenshots of automated input validation rules and error logs. | Data Integrity Policy |
PI1.3 Complete Processing | Logs of successful data processing jobs, and batch process completion reports. | Processing Integrity Policy |
PI1.4 Accurate Processing | Quality assurance (QA) reports, reconciliation reports, and validation test results. | Quality Assurance Policy |
PI1.5 Timely Processing | System logs showing timestamps of data processing, and SLA reports. | System Operations Policy |
PI1.6 Authorized Processing | Audit logs showing who authorized data changes, and a record of change requests. | Change Management Policy, Access Control Policy |
PI1.7 Data Storage Integrity | Database schema documentation, integrity check logs, and data backup reports. | Data Management Policy, Database Security Policy |
PI1.8 Output Validation | Screenshots of output reports, logs showing output generation, and distribution logs. | Output Management Policy |