SOC 2

SOC Reports: Type 1 vs Type 2 vs Readiness Assessment

Type-1-vs-Type-2-vs-Readiness-Assessment

Your client requested a SOC report, but what’s next? For organizations seeking a SOC 1, SOC 2, or ISAE 3402, there are two attestation options available: Type 1 and Type 2. Additionally, a readiness assessment can be performed to prepare your organization for the attestation.

Read More

Updates to the AICPA’s SOC 2 Framework

SOC 2-Aicpa

The American Institute of Certified Public Accountants (AICPA) recognizes the growing demand for transparency and strengthened controls within multifaceted risk environments. The SOC 2 framework continues to improve the security measures that should be implemented to protect organizations against emerging threats.

Read More

A-LIGN Completes SOC 2 Type 2 Audit for A-SCEND

SOC 2-keyboard

A-LIGN, a global cybersecurity, cyber risk and privacy, and compliance firm has announced the successful completion of the Service Organization Control (SOC) 2 Type 2 audit for its GRC software, A-SCEND.

Read More

The Perfect Match: Benefits of Adding SOC for Cybersecurity to Your SOC 2 Audits

Security efforts continue to change as industries evolve introducing new procedures, processes, and tools. To mitigate these new challenges, governing bodies continue to release new standards and guides to help organizations validate specific controls. As the number of audit options increase, understanding the capabilities and functions are critical. It’s important to understand that each examination […]

Read More

SOC 2 vs SOC for Cybersecurity: 3 Main Differences

Organizations want to ensure that the personal assets of potential and existing clients are protected. To do so, organizations can validate their controls through a variety of assessments, but choosing the right one for your organization’s specific needs can be a difficult process. Through the new SOC for Cybersecurity examination, organizations can now demonstrate the […]

Read More

SOC 2 vs. ISO 27001: Which is the Right Assessment for Your Organization?

Companies continue to struggle with the decision between selecting the SOC 2 examination or ISO 27001 certification.  Often customer contracts require either audit or competitors have one or the other.  Although these security standards serve a similar purpose, there are some key decision factors that may help your organization determine the appropriate assessment based on […]

Read More

SOC 2: 2016 Updates and the Privacy Principle Integration

Overview of Privacy Principle and SOC 2 Updates In order to clarify and eliminate redundancy within the requirements of the trust services criteria for privacy, changes have been made to the SOC 2 privacy principle guidelines. While most of these changes are clarification-based, the addition of privacy to the common criteria and the addition of […]

Read More

HITRUST Assessment Types & HITRUST Integration with SOC 2

Don’t make the climb to compliance more difficult than it has to be. With a comprehensive framework for organizations of any size, system or regulatory requirement, the HITRUST CSF allows for organizations to easily assess their current compliance while providing implementation requirements based on an organization’s risk factors. Types of HITRUST Assessments HITRUST has two […]

Read More

Provide Peace of Mind to Lenders and Consumers with the A-LIGN Difference

The A-LIGN Difference = Peace of Mind + Trusted Advisor + Competitive Advantage Most lenders/stakeholders now ask title insurance and settlement companies to demonstrate compliance with ALTA’s Best Practices. There exists a lot of uncertainty and confusion in the industry as to how a title insurance and settlement company can demonstrate compliance with ALTA’s Best […]

Read More

Nuances of the American Land Title Association (ALTA) Best Practices Assessments

How do I get ALTA certified? Which audit should I do? What is the difference between a SSAE 16, SOC 1, SOC 2 and AT 101? What is the difference between an examination, review and agreed-upon procedures engagement? Will my lender accept the report I provide to them? These are just some of the few […]

Read More