# BellPathOS SOC 2 Evidence Templates

Collect evidence at least monthly during readiness and continuously during a Type II observation period.

## Access Control Evidence
- Cloudflare account users and roles screenshot
- MFA enabled evidence
- Worker secrets inventory without secret values
- Domain/DNS admin access review

## Change Management Evidence
- Release version manifest
- ZIP checksum
- Go-live checklist completion
- Security check output
- Rollback notes

## Incident Response Evidence
- Incident ticket or log
- Timeline
- Impacted data classification
- Client notification decision
- Root cause and corrective action

## Vendor Risk Evidence
- Cloudflare, Plaid, AI provider, Stripe, email provider review
- Data handled by each vendor
- Terms/privacy/security links
- Renewal review date

## Backup and Recovery Evidence
- Safe Mode test
- Restore/import test
- Data export/delete test
- Cache purge test