The SS-SOC2-001 Companion Pack is a complete, offline-first SOC 2 enforcement toolkit built on the SKYE Standard. Four compliance documents — Checklist, Evidence Index, Scorecard, and Exception Form — running entirely in your browser. No backend. No subscriptions. Just proof.
SOC 2 posture is the provable state of readiness — showing controls are designed, operating, and backed by continuously retrievable evidence. The SS-SOC2-001 Companion Pack makes that enforcement consistent across teams and geographies, with zero infrastructure required.
SS-SOC2-001 is a formal standard owned by the Skyes Over London LC Security & Trust Office. Every artifact maps to the standard's enforcement rules — no guesswork, no interpretation drift.
All edits save to your device via browser localStorage. No server receives your compliance data. Export a JSON snapshot any time and import it on another device to pick up where you left off.
The Evidence Rule is simple: if proof cannot be produced quickly, the control is treated as non-operational. This pack gives you the system to produce that proof — fast.
Use them in order: Checklist → Evidence Index → Scorecard → Exception Form (as needed). Each exports to JSON and CSV; each has a print-ready branded PDF.
The master control list — mandatory domains and applicable modules. Capture implementation status (Not Started / In Progress / Implemented / Not Applicable) for every SOC 2 control. Export your status as JSON for posture submissions or auditor review.
The proof binder. Log every piece of evidence — screenshots, logs, configurations, reports — with control mapping, artifact type, date, and reviewer. Export to CSV for auditor handoff. If it's not in here, it doesn't exist.
Score each SOC 2 domain 0–5 against the SKYE tier framework. Auto-fail gates flag mandatory gaps that block production promotion. Aggregate score maps to a SKYE posture tier (Level 1–4). The single-page answer to "where do we stand?"
No permanent waivers. Every control gap gets a time-bound exception with a risk statement, compensating controls, remediation owner, end date, and validation method. The Exception Form is how you allow gaps without lying to yourself or your auditors.
Run through the four artifacts in order every audit cycle. The output of each feeds the next.
The Scorecard eliminates opinion from compliance. Each SOC 2 domain is scored 0–5 against defined SKYE criteria. Auto-fail gates fire on mandatory gaps. The aggregate maps directly to a production gate decision.
These rules apply to every system handled by Skyes Over London LC. The Companion Pack is built to enforce them — not suggest them.
The Evidence Index is where compliance becomes provable. Log every screenshot, log file, configuration export, report, and policy document against the control it satisfies. When an auditor asks, the answer is a CSV export — not a scramble.
Run the full enforcement cycle — checklist to scorecard — on a defined cadence. The pack gives you a standard format so nothing changes from cycle to cycle.
Know your production gate status before pushing. The Scorecard answers "are we Level 2+?" without waiting for a compliance team review.
Request a posture package from any SOL team or partner. The Companion Pack produces a standardized, printable output that speaks for itself.
The SS-SOC2-001 Companion Pack opens in your browser in seconds. All four documents are ready to use. Your data never leaves your device.