Hacker News
by gunapologist99 848 days ago
SOC2 (Type 1) doesn't have to be that expensive, not counting your own time. For a very small company, it can run as low as $12-15k. Shop around.

Don't invest a lot of time in individual deals when you're small. Aside from the time and probably attorney fees (and opportunity cost), it's pretty demoralizing if it doesn't come through, and most of the time it doesn't, especially when you're small. The distraction alone can kill your company.

Focus on many smaller deals rather than one or two big deals.

1 comments

Agree completely. Going after small deals ruthlessly would've been my biggest change. We were trying to, but so much was wrong with the actual way we were trying to sell.

Btw the price comes from my latest adventure. I think 12k is too low unless you can literally do everything without help (I could have, but it would've destroyed my time). 20k is probably a realistic price floor with pentest included.

Although type 1 doesn't require a pen test or you to actually do anything. Just to say you would do it a certain way. Every prospect that has asked for SOC2 has wanted a separate pentest deliverable.