Ziggy
SOC Audit Support

Generate, edit, submit.
Audit-ready documentation.

Claude Code skills scan your codebase and generate system architecture reports and trust services criteria documentation. Edit in the Admin portal, then submit complete audit packages.

Admin Portal

Your SOC audit workflow in one place

Admin Portal — SOC Document Editor
Architecture ExampleSOC CC1 Example
Section 1

System Architecture Reports scan, fingerprint, document

The soc-system skill generates documentation for infrastructure, architecture, authentication, MFA, RBAC, encryption, and logging. The architecture-scan skill fingerprints all server modules into versioned manifests with SHA-256 hashes — tracking architectural drift for change management evidence.

  • soc-system skill generates 7 structured markdown files covering system infrastructure
  • architecture-scan fingerprints all server modules into versioned manifests (SHA-256)
  • Output to admin/soc/system/ — structured documentation ready for auditor review
  • Covers all 23 core modules with endpoint-level detail
  • Versioned manifests track architectural drift for change management evidence
Section 2

SOC Trust Services Criteria CC1-CC9, A1, C1, PI1, Privacy

The soc-template skill generates documentation for CC1-CC9, A1, C1, PI1, and Privacy criteria. Each document maps implemented controls to criteria requirements with evidence callouts. The guard-scan skill evaluates all controller endpoints and role guards for authorization evidence.

  • soc-template generates documentation for CC1-CC9, A1, C1, PI1, and Privacy criteria
  • Each document maps implemented controls to criteria requirements with evidence callouts
  • soc-capabilities produces a comprehensive feature catalog auditors reference
  • guard-scan evaluates all controller endpoints and role guards for authorization evidence
  • Policy registry export (GET /rbac/policies) provides machine-readable authorization evidence
Section 3

Review, Edit & Submit Admin portal SOC module

The Admin portal SOC module provides GET/PUT endpoints for editing generated CC1-CC9 and system documentation directly. Add organization-specific policies, procedures, and narrative context before combining with audit log exports and policy registry for complete submission packages.

  • Admin portal SOC module: GET/PUT /soc/doc/:name and /soc/system/:name endpoints
  • Edit generated CC1-CC9 and system documentation directly through the Admin portal
  • Add organization-specific policies, procedures, and narrative context
  • Documentation module (GET /system-docs/*) serves published reports with path traversal protection
  • Combine generated docs with audit log exports and policy registry for complete submission packages

Want to see it in action? Get in touch for a demo or trial

Get in touchSee a full application built with Ziggy