Aligning your ISMS with US customer expectations
What it is
This add-on maps the Trust Services Criteria (TSC 100), commonly associated with SOC 2, directly to your ISO 27001-based ISMS. While ISO 27001 is a global certification structured around risk management, SOC 2 is an American attestation focused on control evidence. This add-on bridges the gap, allowing you to speak the right compliance language to the right market.
When to use it
Use this add-on when international clients, enterprise buyers, or US-based customers ask for a SOC 2 report or flood your team with custom security questionnaires based on the Trust Services Criteria. If you are already running an ISO 27001 system, you are closer to SOC 2 than you think: this add-on gets you the rest of the way without the usual manual pain.
What it adds
It helps you understand exactly how the Trust Services Criteria relate to your existing ISO 27001 controls so you can manage overlapping assurance requirements in one central system instead of duplicating your efforts. This add-on upgrades your Instant 27001 setup by providing:
- 9 comprehensive mapping tables for the mandatory Common Criteria / Security domain.
- 4 additional mapping tables covering the optional SOC 2 trust criteria: Availability, Confidentiality, Processing Integrity, and Privacy.
- Full digital integration featuring active hyperlinks within each mapping table that connect directly to the corresponding control and policy pages in your Instant 27001 environment.
- A clear roadmap to gather audit-ready control evidence that satisfies both internal ISO auditors and external SOC 2 CPA practitioners simultaneously.
Relevant for
- SaaS companies selling internationally
- Companies serving enterprise customers
- Organizations receiving SOC 2-style questionnaires
- Scale-ups preparing for US or global customer expectations
Pricing
€ 1 495
All prices are excluding applicable taxes and subscription fees for Confluence, Microsoft 365 or ISOPlanner.