SOC 2 Videos

How can you prove you’re not an at-risk vendor? How can you give your clients the assurance they need that you’re protecting their critical assets? SOC 2 audits help to address third-party risk concerns by evaluating internal controls, policies, and procedures that directly relate to the security of a system at a service organization. KirkpatrickPrice’s free video series on SOC 2 Reports covers everything from determining who should have a SOC 2 audit performed, selecting appropriate Trust Services Principles, and understanding the SOC 2 audit process itself.

Our Latest SOC 2 Videos

SOC 2 Report Criteria and FAQs

0 Comments

March 6, 2018

When a client pursues a SOC 2 audit for the first-time, they normally ask: What are the requirements of a SOC 2 audit? How are we going to be judged? What can I do to prepare? KirkpatrickPrice strives to be your audit partner and will work with your organization to answer each of these SOC 2 FAQs. Let's review a key exercise to perform when preparing for a SOC 2 audit.

What Will Be in My SOC 2 Report?

0 Comments

February 27, 2018

You’ve partnered with a third party, you’ve properly scoped your environment, you’ve conducted a SOC 2 gap analysis, you’ve remedied any non-compliant findings, you’ve worked with your auditor, you’ve completed your SOC 2 audit, and now you’re finally receiving your SOC 2 report. Congratulations! So, what’s actually included in a SOC 2 report?

SOC 2 Academy

How can your organization prove that it provides a secure service? How can you build a business based on information security and cybersecurity best practices? SOC 2 audits help organizations address third-party risk concerns by evaluating internal controls, policies, and procedures that directly relate to the security, availability, processing integrity, confidentiality, and privacy of a system. There’s a lot to understand about SOC 2 audits, especially when considering the ever-changing threat landscape, but KirkpatrickPrice is here to help.

View Series

SOC 2 Academy: Documentation of Inputs

0 Comments

April 12, 2019

SOC 2 Academy: Complete, Accurate, and Timely Outputs

0 Comments

April 12, 2019

SOC 2 Academy: Identifying Logging Errors

0 Comments

April 5, 2019

SOC 2 Report Criteria and FAQs

March 6, 2018/0 Comments/in SOC 2, Video /by Joseph Kirkpatrick

When a client pursues a SOC 2 audit for the first-time, they normally ask: What are the requirements of a SOC 2 audit? How are we going to be judged? What can I do to prepare? KirkpatrickPrice strives to be your audit partner and will work with your organization to answer each of these SOC 2 FAQs. Let’s review a key exercise to perform when preparing for a SOC 2 audit.

What Will Be in My SOC 2 Report?

February 27, 2018/0 Comments/in SOC 2, Video /by Maggie Austin

What is the Purpose of the SOC 2 Privacy Principle?

February 20, 2018/0 Comments/in SOC 2, Video /by Jenna Kersten

Once you’ve determined you are ready to pursue a SOC 2 audit report, the first thing you have to decide is which of the five Trust Services Criteria you want to include in your SOC 2 audit report. Typically, service organizations that are concerned about the Privacy Principle are collecting, using, retaining, disclosing, and/or disposing of personal information to deliver their services.

What’s the Difference Between SOC 2 Type I and SOC 2 Type II?

February 12, 2018/0 Comments/in SOC 2, Video /by Joseph Kirkpatrick

A SOC 2 audit report provides user entities with reasonable assurance and the peace of mind that the controls at a service organization are suitably designed, in place, and appropriately protecting client data. There are two types of SOC 2 audit reports – SOC 2 Type I and a SOC 2 Type II. Do you need a SOC 2 Type I or a SOC 2 Type II? What’s the difference? Which one makes the most sense for your organization?

What Is The SOC 2 Security Principle?

June 9, 2017/0 Comments/in SOC 2, Video /by Sarah Morris

The SOC 2 Security Principle is a must and should be included in any non-privacy SOC 2 engagement. The Security Principle common criteria eliminates the overlap between each of the Trust Services Principles and must be reviewed by every organization before being audited against the SOC 2 security principle. Read more to find out how your organization should be applying the SOC 2 security common criteria.

Selecting SOC 2 Trust Service Principles

August 23, 2016/4 Comments/in SOC 2, Video /by Sarah Morris

Once you’ve determined you are ready to pursue a SOC 2 audit report, the first thing you have to decide is which of the five Trust Services Principles you want to include in your SOC 2 audit report. SOC 2 reports can address one or more of the following principles: Security, Confidentiality, Availability, Processing Integrity, or Privacy. Becoming familiar with these principles should be the first step in determining the scope of your SOC 2 audit and deciding which of these principles apply to the services your organization provides.

Why am I Being Asked about SOC 2 Compliance?

August 5, 2016/0 Comments/in SOC 2, Video /by Sarah Morris

If you’re being asked about SOC 2 compliance for the first time, you may be wondering why. It’s becoming increasingly common for organizations to request that their vendors become SOC 2 compliant so they can ensure that the companies they are working with are appropriately protecting their sensitive information. Perhaps you’re a vendor of a […]

The History of SOC 2 Reports

July 29, 2016/0 Comments/in SOC 2, Video /by Sarah Morris

In order to understand the purpose of a Service Organization Control (SOC) 2 Report, it’s important to understand the background and history of how the SOC 2 came in to existence as a way for service organizations to manage the risks associated with outsourcing services.