Beginning December 15, 2018, (with optional adoption beginning April 2017) all SOC 2 reports will be required to utilize the updated Trust Services Criteria. The updated trust services criteria are an update to align with the seventeen COSO 2013 framework principles.
- 1: Updates to SOC 2 Criteria to align with 17 COSO 2013 Requirements.
- 2: At least 6 areas where you might have gaps.
- 3: New emphasis on third party risk management
- 4: Clarity on aligning risk assessment with business objectives
- 5: Specificity around quality data to support internal control
- 6: Engagement from top level leadership (including the Board of Directors)