SOC 2 Readiness · EAZYDEV

We build EAZYDEV with the kinds of controls a SOC 2 examination looks for, mapped to the Trust Service Criteria (Security, Availability, Confidentiality, Privacy, Processing Integrity). This statement describes our readiness.

Honest scope: we describe ourselves as SOC 2-ready / SOC 2-aligned. We have not completed an independent SOC 2 audit (Type I or Type II) and we do not advertise certification. We will only state certification once an audit is completed.

ImplementedSecurity — role-based access control, restricted admin access, 2FA, password rules, per-business isolation.
ImplementedConfidentiality — encryption in transit, secrets in environment only, logs free of secrets.
ImplementedPrivacy — privacy policy, consent management, data-subject request workflow.
ImplementedAppend-only audit trail, vendor review, incident-response policy, secure-deployment checklist.
In progressAvailability & Processing Integrity — server monitoring, change management and control documentation.
In progressRisk assessment, vulnerability-scanning process and backup restore-testing.
PlannedSecurity-training records and a formal independent SOC 2 audit.

This is a readiness statement, not a SOC 2 report or certification. Formal review is recommended before relying on it for enterprise procurement. Contact: privacy@eazystock.ng · See our Security & Trust page.

SOC 2 readiness statement