Auditing Basics: Audit Risk, Control Risk, and Detection Risk
by Joseph Kirkpatrick / May 17th, 2019
What Types of Risk Impact SOC 1 and SOC 2 Audits? SOC 1 and SOC 2 audits are largely impacted by various types of…
Auditing Basics: Carve-Out vs. Inclusive Vendors
by Joseph Kirkpatrick / May 10th, 2019
During the initial scoping phases of an organization’s audit engagement, your auditor will partner with you to help you narrow down the third-party vendors…
Auditing Basics: What is a Gap Analysis?
by Joseph Kirkpatrick / May 10th, 2019
Do You Need a Gap Analysis? If it’s your first time pursuing compliance for any framework - whether it’s SOC 1, SOC 2, PCI…
Auditing Basics: What are Control Objectives?
by Joseph Kirkpatrick / May 3rd, 2019
What are Control Objectives? Control objectives are statements that address how risk is going to be effectively managed by an organization, and your auditor…
Auditing Basics: What is an Assertion?
by Joseph Kirkpatrick / May 3rd, 2019
What is Management's Written Assertion? At the beginning stages of the SOC 1 or SOC 2 audit process, an organization will be asked to…
