With the severity of COVID-19’s impact around the world, there has been a marked increase in the need for critical resources and supplies. Unfortunately, not all suppliers were prepared for such a spike in demand. “What Does Your Supply Chain Look Like?”
The framework and criteria for a SOC 2 examination are flexible and can be applied to many entities, including service organizations who work with an entity to provide a particular type of services (e.g. data backup services, cloud hosting services, managed IT services, incident management services, change management services, network security services, etc.). “SOC 2 Examinations for Colocation Service Providers”
Understanding the purpose and examination process of a SOC 2 audit can be confusing for first-time users and experienced customers alike. A simple Google search can give you the basics of a SOC 2 audit, but that generalized knowledge is only the beginning.
SOC 2 for startups may seem like a difficult endeavor given the moving parts involved in launching and maintaining a successful startup. From funding to revenue, it can be easy to neglect compliance examinations like a SOC 2 Examination – or delay completing one until a future date. “SOC 2 for Startups: Boosting Your Startup with SOC 2”
At A-LIGN, integrity is everything. Being accountable for your work is a value celebrated through our annual value awards at CLIMB, A-LIGN’s annual employee team-building event. This year, Emily is the winner of the “Do the Right Things, Always” award. “Featured CLIMBER:
Bridge letters are an important element of SOC 1 and SOC 2 examinations that you may not be aware of and can help provide your clients with additional confidence regarding the effectiveness of your organization’s controls environment at no additional cost or time.
Employees at A-LIGN take many different paths – that’s why we spent time sitting down with Staff Consultant and IT Auditor, Nickson Jean Baptiste, to discuss his desire to innovate constantly and provide support to his clients at A-LIGN. “Featured CLIMBER:
Nickson Jean Baptiste”
Compliance examination reports are more than an attestation of your commitment to quality and security; they can drive revenue, build client trust and position your organization as a cybersecurity leader in your industry.
Let’s spend a few minutes getting back to basics. Why do your clients ask for a SOC 1/SSAE 16 report to be provided? Your clients ask because their auditors probably asked for it. So why do your auditors ask for this report? The roots for SSAE 16 can be traced back to SAS 70 and even further to SAS 55. The understanding of internal controls is a fundamental component of performing a financial audit. I spent time early in my career in the financial audit department which helps me explain to companies why a SOC 1/SSAE 16 report would be applicable or not to the company. In performing a financial audit, the auditor makes inquires of the company regarding their internal controls. Having an understanding of the internal control over financial reporting is a required component for the auditor to perform. If a service has been outsourced to another company, the auditor is required to understand the internal controls. This is so that they can understand the internal controls and assess control risk accordingly. “Why do my clients ask me for a SOC 1/SSAE 16 Report?”