SOC 2 Academy: A Board’s Independence from Management

by Joseph Kirkpatrick / December 16, 2022

Common Criteria 1.2

When a service organization undergoes a SOC 2 audit, auditors will be looking to validate that they comply with the common criteria listed in the 2017 SOC 2 Trust Services Criteria. Common criteria 1.2 states, “The board of directors demonstrates independence from management and exercises oversight of the development and performance of internal control.” Let’s take a look at how boards of directors can demonstrate independence from…

SOC 2 Academy: How Does an Auditor Test for Integrity?

by Joseph Kirkpatrick / December 16, 2022

Common Criteria 1.1

When a service organization undergoes a SOC 2 audit, auditors will be looking to validate that the organization complies with the common criteria listed in the 2017 SOC 2 Trust Services Criteria. Common criteria 1.1 states, “The entity demonstrates a commitment to integrity and ethical values.” So, what does an organization need to do to demonstrate this? How will the auditor test for integrity? Let’s discuss. Tone…

SOC 2 Academy: Integration with the COSO Framework

by Joseph Kirkpatrick / December 16, 2022

The Five Components of Internal Control: CRIME

The COSO Internal Control — Integrated Framework is one of the most common models used to design, implement, maintain, and evaluate internal controls and is split into five components: control environment, risk assessment, information and communication, monitoring activities, and existing control activities. A common way to remember these five components that are used to evaluate the effectiveness of internal controls is the acronym…

SOC 2 Academy: Points of Focus

by Joseph Kirkpatrick / December 16, 2022

What is a Point of Focus?

In the past, many organizations have struggled on their journey toward SOC 2 compliance because they lacked an understanding of what they needed to do to comply with the Trust Services Criteria. As such, one of the enhancements to SOC 2 reporting includes points of focus, which will assist organizations when they are designing, implementing, operating, and evaluating controls over security, availability, confidentiality, processing…

SOC 2 Academy: What’s New with SOC 2?

by Joseph Kirkpatrick / December 16, 2022

New Elements of SOC 2

In April 2017, the AICPA issued several updates to SOC 2 reporting. The most noticeable change is the revision from “Trust Services Principles and Criteria” to “Trust Services Criteria.” Other updates include points of focus, supplemental criteria, and the inclusion of the 17 principles from the 2013 COSO Internal Control Framework. Let’s take a look at how these principles will be used in a SOC…