3 Objectives of the COSO Framework and SOC 1

by Joseph Kirkpatrick / April 5, 2023

SOC 1 and the COSO Framework If you’re new to the SOC 1 audit process, you might be wondering what framework is used to evaluate the effectiveness of internal controls. This would be the Committee of Sponsoring Organizations of the Treadway Commission, or COSO Internal Control – Integrated Framework. This framework is one of the most common frameworks used to design, implement, maintain, and evaluate internal controls. It outlines three…

Breach Report 2019 – June

by Sarah Harvey / December 16, 2022

Regardless of the size or industry of organizations, every month there is headline after headline about new data breaches. Whether it’s a ransomware attack, a negligent employee opening a phishing email, or a state-sponsored attack, millions of individuals are impacted by data breaches and security incidents on a regular basis. Let’s take a look at some of the top data breaches that occurred during June and the lessons learned from…

What Makes a SOC 2 Audit Successful?

by Sarah Harvey / June 14, 2023

What happens after you receive your SOC 2 report? You’ve just used many resources – maybe even some that you were strapped to allocate – to go through a gap analysis, remediate the findings, and then begin the SOC 2 Type I and/or Type II audit. It’s a massive project that you should be proud to finish…but what now? What makes a SOC 2 audit successful? How do you make…

Wipro’s Data Breach: A Valuable Lesson for Managed Service Providers

by Sarah Harvey / December 16, 2022

In mid-April, KrebsOnSecurity reported that Wipro, one of India’s largest IT managed service providers, experienced a data breach impacting hundreds of thousands of their clients. The cause? An advanced phishing attack effecting a handful of employee accounts. These phishing attacks were then the gateway malicious hackers needed to target Wipro’s customers. What can we learn from this data breach? It all comes down to the need for effective third-party risk…

What is a SOC 1 Report?

by Sarah Harvey / April 12, 2023

What is a SOC 1 Report? Once you’ve made it through the evidence gathering portion of the SOC 1 audit process, our specialized team of professional writers will take the information gathered by our auditors and provided by you in our Online Audit Manager to create a final SOC 1 report. What is a SOC 1 report? It is a report that is based on the Statement on Standards for…