by
Sarah Harvey / February 7, 2023
Which Trust Services Criteria Do I Need to Include in my SOC 2 Audit? Once you’ve determined you are ready to pursue a SOC 2 audit report, the first thing you have to decide is which of the five Trust Services Principles (recently updated to Trust Services Criteria) you want to include in your SOC 2 audit report. SOC 2 reports can address one or more of the following categories:…
by
Sarah Harvey / February 7, 2023
If you’re being asked about SOC 2 compliance for the first time, you may be wondering why. It’s becoming increasingly common for organizations to request that their vendors become SOC 2 compliant so they can ensure that the companies they are working with are appropriately protecting their sensitive information. Perhaps you’re a vendor of a larger organization who is being audited by a publicly traded company, or maybe you want…
by
Sarah Harvey / December 19, 2022
In order to understand the purpose of a Service Organization Control (SOC) 2 Report, it’s important to understand the background and history of how the SOC 2 came in to existence as a way for service organizations to manage the risks associated with outsourcing services. The original standard was known as SAS 70 and was a way service organizations could demonstrate the effectiveness of internal controls at their…
