Blog

SOC 2 Academy: Managing Vendor Risk

by Sarah Harvey / December 16, 2022

Common Criteria 9.2 When a service organization undergoes a SOC 2 audit, auditors will verify whether they comply with the common criteria listed in the 2017 SOC 2 Trust Services Criteria. Common criteria 9.2 says, “The entity assesses and manages risks associated with vendors and business partners.” How can organizations be sure that they’re complying with this criterion? Let’s take a look at key ways organizations can manage vendor risk.…

SOC 2 Academy: Mitigating Risks that Lead to Business Disruptions

by Joseph Kirkpatrick / December 16, 2022

Common Criteria 9.1 When a service organization undergoes a SOC 2 audit, auditors will verify whether they comply with the common criteria listed in the 2017 SOC 2 Trust Services Criteria. Common criteria 9.1 says, “The entity authorizes, designs, develops or acquires, configures, documents, tests, approves, and implements changes to infrastructure, data, software, and procedures to meet its objectives.” How can organizations be sure that they’re complying with this criterion?…

SOC 2 Academy: Change Management Best Practices

by Joseph Kirkpatrick / December 16, 2022

Common Criteria 8.1 When a service organization undergoes a SOC 2 audit, auditors will verify whether they comply with the common criteria listed in the 2017 SOC 2 Trust Services Criteria. Common criteria 8.1 says, “The entity authorizes, designs, develops or acquires, configures, documents, tests, approves, and implements changes to infrastructure, data, software, and procedures to meet its objectives.” How can organizations be sure that they’re complying with this criterion?…

Requirements for GDPR Data Processing Agreement

by Sarah Harvey / December 16, 2022

The GDPR has quickly reshaped attitudes towards data privacy around the world and has given EU data subjects more autonomy over how their data is used than ever before. Personal data increasingly flows between organizations because most businesses partner outsource some aspect of their business functions, creating webs of responsibility and oversight. However, with many ambiguous requirements for data controllers, processors, and sub-processors, entities might still have questions about certain…

Top 4 Information Security Concerns for Shared Working Spaces

by Sarah Harvey / June 15, 2023

From WeWork, Impact Hub, and Knotel to Serendipity Labs, Green Desk, and Techspace, coworking spaces are revolutionizing how people work. A shared working space, or a coworking space, is an environment that fosters collaboration by allowing companies and employees of all sizes and industries to share equipment, offices, and in some cases, ideas. These coworking spaces offer a variety of benefits including flexible leasing or membership options, more affordable working…

SOC 2 Academy: Managing Vendor Risk

SOC 2 Academy: Mitigating Risks that Lead to Business Disruptions

SOC 2 Academy: Change Management Best Practices

Requirements for GDPR Data Processing Agreement

Top 4 Information Security Concerns for Shared Working Spaces

Categories

Newsletter

Learn what you need to get started with our Audit Readiness Guide.