SOC2 and ISO Auditor

We are looking for a qualified independent auditor or audit firm to conduct SOC 2 and ISO 27001 audits for a small SaaS company already using Drata. We are not looking for compliance automation, policy templates, readiness consulting, or a GRC platform. We already use Drata and need properly qualified auditors who can work directly from our Drata evidence and issue the required audit deliverables. Scope of Work We are seeking support for one or both of the following: SOC 2 Audit SOC 2 Type I and/or Type II Initial focus likely on the Security Trust Services Criterion Review evidence through Drata Conduct audit fieldwork Issue a formal SOC 2 report ISO/IEC 27001 Certification Audit ISO/IEC 27001:2022 certification audit Stage 1 and Stage 2 audit Review ISMS evidence through Drata Issue ISO 27001 certification if audit is successful Confirm annual surveillance requirements and ongoing certification cycle Required Qualifications For SOC 2: Must be a licensed CPA firm or otherwise properly qualified to issue SOC 2 reports under AICPA standards Must be able to provide evidence of CPA firm licensing and peer review status Must have prior experience conducting SOC 2 audits for SaaS, software, or cloud-based companies Must be comfortable working inside Drata For ISO 27001: Must be an accredited ISO 27001 certification body, or an auditor working under an accredited certification body Must be able to provide accreditation details that can be verified through IAF CertSearch, ANAB, UKAS, or another recognized accreditation body Must be able to issue an accredited ISO/IEC 27001:2022 certificate Must have prior experience auditing SaaS, software, or cloud-based companies Must be comfortable reviewing evidence through Drata Company Profile