Startup Idea: Automated SOC 2 Compliance for Mobile Device Management
Mobile Device Management sector. We are currently within a SOC 2 evaluation period, and one of my responsibilities is to manually go through our Git commit history and tie the commits from releases to a pull request. From the pull request I need to ensure/prove that there were at least 2 reviewers (who both accepted the pull request). From there I need to make sure that the pull request is linked to a Jira ticket card, which itself was added and reviewed by a committee of employees to go into that particular release of software.

All of this is very time-consuming, and there are APIs which could help ease some of this burden, but as far as I am aware no software out there currently solves this problem.

Yes! This audit is the first one we are undergoing, at an evaluation period of 6 months. We plan to continue these audits into the future, and if this could be automated it would save me and a few other people several hours of time each month to compile and verify this information.
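The evidence check described above, as an added example that is not part of the original post. The record layout, names, review state strings and sample data are constructed; it assumes the Jira key appears in the pull request title, that only a reviewer's most recent review counts, and that the pull request author cannot count as a reviewer.

```python
import re

JIRA_KEY = re.compile(r"\b[A-Z][A-Z0-9]+-\d+\b")  # e.g. MDM-12 (assumed key format)

def approvers(pr):
    """Distinct reviewers whose most recent review is an approval (author excluded)."""
    latest = {}
    for reviewer, state in pr["reviews"]:  # assumed ordered oldest to newest
        latest[reviewer] = state           # a later review overrides an earlier one
    return {r for r, s in latest.items() if s == "APPROVED" and r != pr["author"]}

def audit_release(release, commits, prs, tickets, min_approvals=2):
    """Return (sha, finding) pairs; an empty list means every commit has full evidence."""
    findings = []
    for sha, pr_number in commits:
        pr = prs.get(pr_number)
        if pr is None:  # commit reached the release without a pull request
            findings.append((sha, "no pull request"))
            continue
        if len(approvers(pr)) < min_approvals:
            findings.append((sha, f"fewer than {min_approvals} approving reviewers"))
        keys = JIRA_KEY.findall(pr["title"])
        if not keys:
            findings.append((sha, "no Jira ticket linked"))
        for key in keys:
            t = tickets.get(key)
            if t is None or not t["committee_approved"] or t["release"] != release:
                findings.append((sha, f"{key} not approved for {release}"))
    return findings

# Constructed sample data: (commit sha, PR number or None), PR records, ticket records.
COMMITS = [("a1f3", 101), ("b2e4", 102), ("c3d5", None), ("d4c6", 103)]
PRS = {
    101: {"author": "dana", "title": "MDM-12 enforce passcode policy",
          "reviews": [("eli", "APPROVED"), ("fay", "APPROVED")]},
    102: {"author": "eli", "title": "MDM-15 fix enrollment retry",
          "reviews": [("dana", "APPROVED"), ("fay", "APPROVED"), ("fay", "CHANGES_REQUESTED")]},
    103: {"author": "fay", "title": "tidy logging",
          "reviews": [("dana", "APPROVED"), ("eli", "APPROVED")]},
}
TICKETS = {
    "MDM-12": {"release": "2.4.0", "committee_approved": True},
    "MDM-15": {"release": "2.5.0", "committee_approved": True},
}
FINDINGS = audit_release("2.4.0", COMMITS, PRS, TICKETS)
```

Each finding is a row an auditor would otherwise have to discover by hand; feeding the function from real commit, pull request and ticket exports is left to whatever APIs the team's tools expose.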