Blog Archives

SOC 2 Academy: How to Perform a Thorough Inventory

by Joseph Kirkpatrick / May 31, 2023

Common Criteria 6.1 When a service organization undergoes a SOC 2 audit, auditors will verify whether they comply with the common criteria listed in the 2017 SOC 2 Trust Services Criteria. Common criteria 6.1 says, “The entity implements logical access security software, infrastructure, and architectures over protected information assets to protect them from security events to meet the entity’s objectives.” While we have discussed many points of focus that organizations…

SOC 2 Academy: Additional Points of Focus for Logical Access

by Joseph Kirkpatrick / May 31, 2023

Common Criteria 6.1 While not requirements, points of focus are meant to serve as references to assist organizations when they are designing, implementing, operating, and evaluating controls over security, availability, confidentiality, processing integrity, and privacy. When it comes to implementing logical access controls, there are some additional points of focus that will help organizations ensure that their information security systems remain secure. Let’s take a look at how these additional…

Remote Auditing vs. Onsite Assessments: What Do I Want?

by Sarah Harvey / June 14, 2023

There’s a lot to consider when choosing an audit partner. What does their audit process look like? What kind of services do they offer? How will they help you reach your audit objectives? How much do they charge? Will they perform a remote audit or an onsite assessment? While these are all valid concerns, organizations also have to consider their own intentions behind pursing compliance: is it required to partner…

Are Your Remote Employees Working Securely?

by Sarah Harvey / June 15, 2023

Employees are often considered an organization’s weakest link, but remote employees create additional risks that businesses must be cognizant of. As more and more businesses opt to hire remote employees, they need to prepare for and stay ahead of these risks. What would happen if a remote employee used public WiFi and a malicious hacker gaining access to your organization’s sensitive files? What would be the impact if your remote…

SOC 2 Academy: Protection Through Logical Access

by Joseph Kirkpatrick / May 31, 2023

Common Criteria 6.1 When a service organization undergoes a SOC 2 audit, auditor will look to validate that they comply with the common criteria listed in the 2017 SOC 2 Trust Services Criteria. Common criteria 6.1 says, “The entity implements logical access security software, infrastructure, and architectures over protected information assets to protect them from security events to meet the entity’s objectives.” What will an auditor look for when assessing…

Blog

Blog

SOC 2 Academy: How to Perform a Thorough Inventory

SOC 2 Academy: Additional Points of Focus for Logical Access

Remote Auditing vs. Onsite Assessments: What Do I Want?

Are Your Remote Employees Working Securely?

SOC 2 Academy: Protection Through Logical Access

Categories

Newsletter

Learn what you need to get started with our Audit Readiness Guide.