Register Owner: CISO
Effective Date: June 13, 2026
Reviewed: Quarterly and at each ISMS Management Review
Frameworks: program-level (SOC 2 CC1.x governance reporting). Companion to the SOC 2 Readiness Timeline and Compliance Frameworks.
Program timeline across the committed framework roadmap. Dates reflect the current plan; the SOC 2 Readiness Timeline holds the detailed task list.

Roadmap

Notes

  • SOC 2 Type I and the initial Type II window both open 2026-06-22; the initial window closes 2026-09-22, with the report following ~weeks later. Subsequent Type II runs rolling, gap-free.
  • ISO 27001:2022 / ISO 42001 — documentation is complete (SoAs, ISMS/AIMS docs); the gating item is the clause 9.2 internal-audit function before certification audits.
  • EU AI Act — Art. 50 transparency applies 2026-08-02 (in-product); high-risk obligations phase in toward 2027-12-02.
  • FedRAMP / IL5 — evaluation only, contingent on a funded federal contract; not a current commitment (see Compliance Frameworks).

Cross-references

Version history

VersionDateDescriptionAuthorApproved by
1.0June 13, 2026Initial compliance roadmap (Gantt).Cameron WolfeIshan Jadhwani