06
Compliance & DD Readiness
Gap-closure programme for SOC 2, DORA, FCA Operational Resilience, or a sector-specific audit.
4 weeks
Who this is for
Series B-stage companies, regulated-industry companies, companies receiving customer DD questionnaires.
When you need it
There's a compliance audit, due diligence, or institutional procurement review on the horizon. You need a clear 'what to fix and in what order' plan - not a 200-page deck.
What's delivered
- Gap analysis against the relevant framework (SOC 2 / DORA / FCA OR / sector-specific)
- Risk-prioritised remediation roadmap
- Process and policy templates: on-call rota, incident management, access review, change management, data-handling
- Vendor selection: SOC 2 readiness platform, DORA tooling, etc.
- Sample evidence pack the client can take into the audit
- Decision framework: what's worth doing in-house vs outsourcing
Investment
Named on the fit call
Fixed price, fixed scope. Every engagement carries the four guarantees: Sprint 1 Escape Hatch, Board-Ready Quality, Three-Client Cap, Skin-in-the-Game Pledge.