Security Implementation

Establishing Compliance with SOC 2 Security Implementation

Establishing Compliance with SOC 2 Security Implementation

The Background

The Client is a provider of a Robo-advisory platform offering financial and non-financial firms the ability to integrate and benefit from the shift in digital wealth. Based in Singapore, they market their services globally. The Client observed an increased need from their clients and prospects for audit reports such as Service Organisation Control (SOC) 2 to gain assurance on its information security controls and gain competitive advantage in the marketplace.

The Process

The project started with a scoping exercise with the Client to understand their needs and requirements of SOC 2 based on their current set of IT infrastructure.

Pragma then reviewed the Client's IT environment and identified gaps against standards such as MAS TRM and SOC 2 focusing on security, availability, processing integrity, confidentiality and privacy controls in the organisation. We also helped and enabled the Client to implement technical solutions such as Tripwire, Sophos, AWS GuardDuty and AWS VPN, and set up their back-up and patch management. Pragma also helped to establish policies and procedures to meet these standards and best practices.

The Result

The work we produced helped the Client understand their information security risks and allowed them to mitigate many of these risks through our recommendations and solutions. We also helped to prepare the Client in undertaking external audits should they pursue them in the future.


Information Security Controls
Audit Reports
Service Organisation Control
IT Infrastructure
Security Controls
Processing Integrity
Privacy Controls
Technical Solutions
AWS GuardDuty
Back-up and Patch Management
Policies and Procedures
Information Security Risks
External Audits
Best Practices

Pragma Logo

Terms & conditions

Privacy Policy