> Are you able to, as Your Company LLC, (self) certify yourself as a SOC2 complaint entity? Maintain your own records and be able to provide them for audits from the parent company?
I recognize that you are just making a creative suggestion here, but that is impossible. SOC2 certification is incredibly complex and hard to manage (not to mention, costing tens of thousands of dollars a year). It is difficult to the point of impossibility for one person to achieve.
Not only is is practically impossible, it is also literally impossible for a one-man show to achieve SOC2, because there are control objectives that require separation of duties and verification of one person's work by another. I think the absolute smallest a company could be and achieve a SOC2 would be three people.
I recognize that you are just making a creative suggestion here, but that is impossible. SOC2 certification is incredibly complex and hard to manage (not to mention, costing tens of thousands of dollars a year). It is difficult to the point of impossibility for one person to achieve.
Not only is is practically impossible, it is also literally impossible for a one-man show to achieve SOC2, because there are control objectives that require separation of duties and verification of one person's work by another. I think the absolute smallest a company could be and achieve a SOC2 would be three people.