Changelog

What we've shipped.

New capabilities, improvements, and fixes to soc2doc — newest first.

New

Audit-readiness view

Your dashboard now shows, at a glance, which committed controls have missing or stale evidence (older than 18 months) against your next audit date — with a single readiness figure you can drop into your weekly update.

New

Read-only access for contractors

Organizations can now give a contractor or outside auditor read-only access to their dashboard. They see the full control matrix, evidence, and registers, but cannot change anything — every edit is blocked in the interface and on the server.

New

Client dashboard for active engagements

Clients now sign in with their email — a magic link, no passwords — and see their own control matrix, attach evidence to each control, record who owns what, and switch between every report we hold for their organization.

New

The free Commitment Review moves to the front

Upload a SOC 2 report and get every commitment in it mirrored back in plain English, organized by business function. A practitioner verifies the extraction before it reaches you. No score, no checklist — just what you committed to.

Improved

Works with your existing stack

A page showing where soc2doc sits on top of the GRC tools and controls you already run — so you can see how it fits before you talk to anyone.

New

Secure-deletion option

A $99 add-on that permanently deletes your uploaded report and returns a certificate of deletion.

New

Mutual NDA before upload

Every upload is gated behind a mutual NDA, and your consent to machine and human review is logged separately with a timestamp.