SOC 2 Trust Services Criteria That Apply to Your Business
A guide to the Trust Services Criteria. Knowing when to include the various SOC 2 Trust Services Criteria (TSC) (also, criteria) can seem like a daunting task, but it does [...]
How can you ensure success for your company’s SOC 2 initiative? Here are 5 Steps to SOC 2 success – best practices and lessons learned from the field! I have [...]
If you just received a SOC 2 report and do not know where to start analyzing, this blog is for you! SOC 2 reports can easily reach 50+ pages and [...]
In a previous blog post, we discussed the differences between SOC 2 vs ISO 27001. In this post, we will look at the factors affecting the decision of choosing which [...]
Navigating the ins and outs of two of the most popular compliance frameworks. When it comes to vendor due diligence, many companies are raising the bar. This article will help [...]
Check out our webinar from Christian White and Christian Hyatt in which they cover the basics of SOC 2 reporting, what to expect during a SOC 2 audit, and why [...]
How to leverage information security policies into leveling up your security program. People often regard information security policy as a "check-the-box" compliance initiative. Many organizations will copy a policy [...]
At risk3sixty, we pride ourselves on craftsmanship. It is one of our core values. As a result, every engagement follows a rigorous quality standard and multiple levels of internal quality [...]
Are Pen Test and Vulnerability Scans Required for a SOC 2 Report? There has been much confusion lately in the SOC 2 market as companies seek to understand the need-to-haves vs. the nice-to-haves when it comes to obtaining a SOC 2 report. Much of this confusion was brought about by the December 2018 upgrade of the Trust Services Criteria, and the associated Points of Focus, intended to align SOC 2 with the 2013 COSO framework.
If your clients or prospects have requested a SOC 2 report, obtaining a SOC 2 report typically follows a three-step process. Step 1: Readiness Assessment. A readiness assessment helps [...]