Auditor-aligned • SOC 2 Type I/II foundation

SOC 2 Phase 1 Starter Kit

Stop downloading disjointed policy PDFs. Deploy a phased SOC 2 starter system — scoping, system description, control worksheet, project plan, and core security policies built for B2B SaaS.

Get the Phase 1 Starter Kit — $297 Inspect the Documents
11 Foundation Templates
Excel + Word Editable Source Files
0 Subscription • Lifetime ZIP
SOC 2 Trust Services Criteria Scoping & system description ready Core COR security policies included Website guide for every template

Scope in days, not months

SOC-002 questionnaire and SOC-003 control worksheet replace blank-slate scoping calls.

Auditor-friendly structure

SOC-004 system description and SOC-005 project plan match what boutique firms charge $5k+ to draft.

Fully editable assets

DOCX and XLSX — customize in Word, Excel, or Google Workspace. No platform lock-in.

Skip $10k+ consultant drafts

Operational templates at a fraction of Big 4 and GRC platform onboarding fees.

What’s inside the ZIP

11 foundation templates — scoping, policies, and project controls for Phase 1 readiness

COR-001Word

Information Security Policy

Editable template with section-by-section guide at lintgrc.com/templates/information-security-policy-template/.

SOC 2Foundation
COR-002Word

Access Control Policy

Editable template with section-by-section guide at lintgrc.com/templates/access-control-policy-template/.

SOC 2Foundation
COR-003Word

Risk Management Policy

Editable template with section-by-section guide at lintgrc.com/templates/risk-management-policy-template/.

SOC 2Foundation
COR-004Word

Data Retention and Deletion Policy

Editable template with section-by-section guide at lintgrc.com/templates/data-retention-deletion-policy-template/.

SOC 2Foundation
COR-005Word

Organizational Chart Template

Editable template with section-by-section guide at lintgrc.com/templates/organizational-chart-template/.

SOC 2Foundation
SOC-001Word

SOC 2 Readiness Guide and Roadmap

7-step readiness roadmap with milestones auditors expect before Type I.

SOC 2Foundation
SOC-002Word

SOC 2 Scoping Questionnaire

Structured scoping questionnaire — trust criteria, boundaries, and subservice orgs.

SOC 2Foundation
SOC-003Excel

SOC 2 Control Scoping Worksheet

Control scoping worksheet with instructions tab and criteria mapping.

SOC 2Foundation
SOC-003AExcel

SOC 2 Readiness Scanner and Gap Analysis

Optional domain readiness scanner for a quick gap snapshot.

SOC 2Foundation
SOC-004Word

SOC 2 System Description Workbook

System description workbook aligned to SOC 2 reporting.

SOC 2Foundation
SOC-005Excel

SOC 2 Project Plan Template

Project plan template with owners, dates, and phase gates.

SOC 2Foundation

Random SOC 2 downloads fail audits before they start

The Phase 1 Starter Kit is a coordinated foundation — not a folder of unrelated files.

Roadmap → scoping → controls

SOC-001 routes your team through SOC-002, SOC-003, and SOC-004 in the order auditors expect.

One project timeline

SOC-005 project plan dates align with readiness milestones from SOC-001.

Policy pack included

COR-001 through COR-005 cover information security, access, change, and incident basics.

Optional gap scan

SOC-003A readiness scanner gives a quick domain score before you commit audit scope.

Generic SOC 2 templates vs. LintGRC Phase 1

What you get when foundation documents actually connect

System Feature
Generic Templates
LintGRC Phase 1
Scoping & system description
Generic policy boilerplate
SOC-002 + SOC-004 workbooks
Control selection
Static PDF checklists
SOC-003 worksheet with instructions tab
Project planning
None
SOC-005 plan with owners and dates
Policy coverage
Single security policy
COR-001–005 core policy set
Implementation guides
Rarely
lintgrc.com guide per template
Price
Free (incomplete)
$297 one-time

Built for Phase 2 and Phase 3

Phase 1 folder names and doc IDs carry forward — no renumbering when you upgrade kits.

SOC-003 control list → feeds Phase 2 access reviews
COR policies → extended in Phase 2B
SOC-004 system description → evidence index in Phase 3
SOC-005 plan → audit timeline in Phase 3

SOC 2 Phase 1 Starter Kit

$397 $297 one-time
  • 11 SOC 2 foundation templates (Word, Excel, CSV)
  • SOC-001 readiness roadmap + SOC-003A scanner
  • COR-001 through COR-005 core security policies
  • START_HERE.txt + README.txt at ZIP root
  • Website guide for every template
  • Instant download after purchase
Get the Starter Kit — $297

No subscription. One payment. Licensed for your organization.

Frequently asked questions

Is this enough to pass a SOC 2 audit?

Phase 1 establishes scope, policies, and planning. You still need operating controls and evidence over your observation period — Phase 2 and Phase 3 kits cover implementation and auditor handoff.

Do I need a GRC platform?

No. Teams use these templates with spreadsheets and existing tools. Automation platforms help at scale but are not required for Type I readiness.

What’s the difference vs. free templates online?

LintGRC templates share IDs, cross-references, folder layout, and on-site guides — so your scoping worksheet, system description, and policies stay aligned.

Ready to scope your SOC 2 audit?

Join startups that stopped piecing together free downloads and started with an auditor-aligned foundation.

SOC 2 Phase 1 Starter Kit

Single-organization license • Editable source files • Operational guides included

Disclaimer: Templates support SOC 2 readiness; they do not guarantee audit passage. Controls must operate over your observation period. Licensed for your organization only — do not redistribute.