Entries by Ashlyn Burgett

What is a SOC 1 Report?

Once you’ve made it through the evidence gathering portion of the SOC 1 audit process, our specialized team of professional writers will take the information gathered by our auditors and provided by you in our Online Audit Manager to create a final SOC 1 report. What is a SOC 1 report? It is a report that is based on the Statement on Standards for Attestation Engagements Number 18, Section 320 (SSAE 18) and reports on the effectiveness of your internal controls that may be relevant to your client’s internal controls over financial reporting (ICFR). What’s included in this report? How do you use a SOC 1 report? Let’s find out.

Explaining Audit Periods

While SOC 1 Type I audit engagements evaluate a service organization’s internal controls that could impact their user organizations’ internal control over financial reporting (ICFR) at a specific point in time, a SOC 1 Type II audit evaluates a service organization’s internal controls that could impact their user organizations’ internal control over financial reporting (ICFR) over a period of time, usually between six and twelve months. How do go about choosing your audit period? There are a few things you need to know.

Smart Cities vs. Secure Cities: Is There Really a Difference?

From IoT devices, including cameras, traffic signals, and public transportation to city management systems and public data, cities all over the world are making an effort to become “smart” cities. But an increase in new smart technologies comes with an increase in cybersecurity risks; something that not all smart cities know – or are capable of – mitigating.

What Does GDPR Mean for Marketing?

Has your organization considered the GDPR implications for marketing? Because of the misconception that GDPR is solely for lawyers and information security teams, many organizations don’t realize how their marketing activities impact their GDPR compliance efforts. GDPR is more than a data privacy law. Instead, GDPR is a mandate that affects how organizations market, collect, use, and store consumers’ personal data, so GDPR compliance and awareness are just as important for the marketing departments as they are for IT departments.