SOC Reporting Archives

How to Read a SOC 2 System Description

In this blog, we’ll dive into one of the most important parts of a SOC 2 report, the SOC 2 System Description! During your due diligence process, a vendor sends [...]

By Kendall Morris|2021-01-27T21:22:32+00:00January 25th, 2021|SOC Reporting|0 Comments

SOC 2 Trust Services Criteria That Apply to Your Business

A guide to the Trust Services Criteria Knowing when to include the various SOC 2 Trust Services Criteria (TSC) (also, criteria) can seem like a daunting task, but it does [...]

By Phillip Lee|2020-10-19T19:53:10+00:00October 19th, 2020|SOC Reporting|0 Comments

SOC 2 Success in 5 Simple Steps

How can you ensure success for your company’s SOC 2 initiative? Here are 5 Steps to SOC 2 success – best practices and lessons learned from the field! I have [...]

By Christian White|2020-09-28T14:50:09+00:00September 28th, 2020|SOC Reporting|0 Comments

Understanding SOC 2 Opinions

If you just received a SOC 2 report and do not know where to start analyzing, this blog is for you! SOC 2 reports can easily reach 50+ pages and [...]

By Jack Nguyen|2020-09-09T21:29:49+00:00August 24th, 2020|SOC Reporting|0 Comments

ISO 27001 vs SOC 2: Choosing a Compliance Framework

In a previous blog post, we discussed the differences between SOC 2 vs ISO 27001. In this post, we will look at the factors affecting the decision of choosing which [...]

By Kendall Morris|2020-12-08T19:14:41+00:00August 3rd, 2020|ISO 27001 Compliance, SOC Reporting|0 Comments

SOC 2 vs ISO 27001: What’s The Difference?

Navigating the ins and outs of two of the most popular compliance frameworks. When it comes to vendor due diligence, many companies are raising the bar. This article will help [...]

By Kendall Morris|2020-08-04T12:33:07+00:00July 13th, 2020|ISO 27001 Compliance, SOC Reporting|0 Comments

Webinar: SOC 2: Everything You Need to Get a SOC 2 Report

Check out our webinar from Christian White and Christian Hyatt in which they cover the basics of SOC 2 reporting, what to expect during a SOC 2 audit, and why [...]

By Christian White|2020-06-28T20:28:59+00:00July 8th, 2020|SOC Reporting, Webinars|0 Comments

How to Create Effective Policies

How to leverage information security policies into leveling up your security program. People often regard information security policy as a "check-the-box" compliance initiative. Many organizations will copy a policy [...]

By Kendall Morris|2020-08-25T15:40:53+00:00December 16th, 2019|CISO Discussions, Cyber Risk Management, ISO 27001 Compliance, IT Audit and Compliance, SOC Reporting|1 Comment

risk3sixty Successfully Completes Peer Review

At risk3sixty, we pride ourselves on craftsmanship. It is one of our core values. As a result, every engagement follows a rigorous quality standard and multiple levels of internal quality [...]

By Christian Hyatt|2020-08-25T16:52:10+00:00July 29th, 2019|Culture, News and Events, SOC Reporting|0 Comments

Are Pen Test and Vulnerability Scans Required for a SOC 2 Report?

Are Pen Test and Vulnerability Scans Required for a SOC 2 Report? There has been much confusion lately in the SOC 2 market as companies seek to understand the need-to-haves vs. the nice-to-haves when it comes to obtaining a SOC 2 report. Much of this confusion was brought about by the December 2018 upgrade of the Trust Services Criteria, and associated Point of Focus, intended to align SOC 2 with the 2013 COSO framework.

By Christian White|2020-01-17T21:17:50+00:00March 20th, 2019|IT Audit and Compliance, SOC Reporting|1 Comment