Tradelogiq Management Inc.

Anthony assisted the company in the transition to a SOC2 addressing its alternative trading systems (ATS) in place for its order matching and trade execution marketplaces. 

Initial planning required the development of an appropriate SOC2 controls framework which would meet the requirements of the OSC (regulator), in particular the requirements of the National Instrument (NI) 21-101 and NI 23-101.  The instruments specify certain internal control requirements and the need for an independent systems review (ISR) to address these requirements.  Accordingly, the initial effort required a strong understanding of the instruments and with his deep understanding of the SOC2 criteria, Anthony developed an initial SOC2 controls framework which was able to satisfy the need for the ISR report.  

From the initial planning, a SOC controls workbook was produced with mapping to previously reported controls and in-scope SOC2 criteria.  The controls framework and supporting guidance, was implemented into the company's Confluence implementation including numerous summary macro's and queries to help monitor progress and summarize results of testing and any outstanding areas for attention.  The framework within Confluence provided opportunities to link directly to source policies, procedures and supporting evidence. 

As part of the readiness process, Anthony assisted the company with the development of numerous policies and procedures to support the SOC2 controls including code of conduct, HR related policies and procedures, risk assessment policies and procedures, security policies and procedures, system architectural descriptions and diagrams, incident management procedures, change and software development procedures.