Home|Posts|Christian White

About Christian White

Christian is a strategic business partner, helping High-Growth Technology Companies build, manage, and certify their Security, Privacy, and Compliance programs. Christian leads risk3sixty's Compliance Practice, overseeing SOC 2, PCI DSS, and HITRUST services.

Are Pen Test and Vulnerability Scans Required for a SOC 2 Report?

Are Pen Test and Vulnerability Scans Required for a SOC 2 Report? There has been much confusion lately in the SOC 2 market as companies seek to understand the need-to-haves vs. the nice-to-haves when it comes to obtaining a SOC 2 report.  Much of this confusion was brought about by the December 2018 upgrade of the Trust Services Criteria, and associated Point of Focus, intended to align SOC 2 with the 2013 COSO framework.

By |2020-01-17T21:17:50+00:00March 20th, 2019|IT Audit and Compliance, SOC Reporting|1 Comment
Go to Top