Table of Contents
Getting Started
It is one of your critical vendors. They’ll have access to your most sensitive data. You need an in-depth analysis of their security practices to ensure that your data will be safe with them. So you request their SOC 2 Audit Report…
Four hours into reviewing a 95-page document, you think, there has to be a better way!
Introducing Whistic’s AI-powered SOC 2 Summarization tool. It reviews and analyzes SOC 2 reports, providing a detailed executive summary that includes everything you need to know about that vendor’s security controls as outlined in the SOC 2.
If you haven't yet reviewed Whistic's AI & Security policies for how information is accessed, stored, used, etc - please go here for more information.
How to Request a Summary
- Open the Vendor Detail page
- Go to the vendor’s Document Repository dropdown
- Upload the vendor’s SOC 2 Audit Report
-
Select the Summarize SOC 2 button
-
A window will appear displaying documents available for summarization.
- To be eligible for summarization, the document must be a PDF file type uploaded to the vendor’s Document Repository.
- Additionally, each account is allotted a certain number of Summaries. Upon requesting a new one, you'll see how many requests remain. If there are no longer any Summary credits available, please contact your CSM.
-
Select the document to be summarized
- Currently only SOC and SOC 2 reports are supported. If you select a different type of report, it will fail.
- Select Create Summary
-
Within a few minutes, a new document will appear in the vendor’s Document Repository. The new document will:
- Appear automatically once complete, no need to refresh
- Use the same Name as the original document with ‘Summary’ appended - ie) original_document - Summary.pdf
- Have a Source = AI Generated
- Once the summary is available, you'll receive a message in the Notification Center, see the 'bell' icon in the upper right. If the file does not appear within 30 minutes, please contact support@whistic.com.
- Finally - Not only will you get the summarized document, but much of of the key information extracted will be available in a new reporting index call SOC 2 Summaries.
FAQ
-
Does this support file types other than PDF?
- No
-
Does this support other types of reports than SOC2s?
- We currently support summarizing SOC1 and SOC2 reports. If you attempt to summarize a different type of report, the process will fail. (Please let us know what other report types you are interested in summarizing – different document types will be supported soon.)
-
Can I select more than one document at once?
- No
-
Will this work for SOC 2 reports gathered from a questionnaire?
- Yes
-
Will this work for SOC 2 reports gathered from an issue?
- No, we are still working on this.
-
Can I view the summary without needing to download?
- Yes