How can you help ensure the successful and timely completion of your compliance audit? This article provides insights into what we've found successful compliance auditees do during the audit process. [...]
The AICPA-designated SOC 2 framework is used to express an opinion on controls over security, privacy, availability, confidentiality, and processing integrity for many different systems, organizations, and environments. In addition [...]
So, you’ve been tasked with providing evidence for an audit. You may be wondering what your auditor is even looking for. Let’s take a look behind the scenes at why [...]
Whether you are pursuing an ISO 27001 certification or a SOC 2 report, a robust asset inventory is going to be key to addressing compliance requirements and help you understand [...]
How do you perform a risk assessment, and what do you do with the results? Find out the answers to some common risk assessment questions in Part 1 of our two-part [...]
In this blog, we’ll dive into one of the most important parts of a SOC 2 report, the SOC 2 System Description! During your due diligence process, a vendor sends [...]
A guide to the Trust Services Criteria Knowing when to include the various SOC 2 Trust Services Criteria (TSC) (also, criteria) can seem like a daunting task, but it does [...]
How can you ensure success for your company’s SOC 2 initiative? Here are 5 Steps to SOC 2 success – best practices and lessons learned from the field! I have [...]
If you just received a SOC 2 report and do not know where to start analyzing, this blog is for you! SOC 2 reports can easily reach 50+ pages and [...]
In a previous blog post, we discussed the differences between SOC 2 vs ISO 27001. In this post, we will look at the factors affecting the decision of choosing which [...]