Error - something went wrong!
The Rise of SOC 2
More and more organizations are choosing to undergo SOC 2 examinations. To find out more about what’s drivi...
Other content in this Stream
SSAE 18 and Other Famous Acronyms
How the New Standard Affects Your SOC 1
The Rise of SOC 2
More and more organizations are choosing to undergo SOC 2 examinations. To find out more about what’s driving this growth, Schellman conducted its own research.
Is your organization ready for a SOC 2 examination
Here are five steps to help successfully prepare: 1. Validate the Nature of the Request. Does your client base understand the various SOC reporting options and what they are asking of...
Choosing the Correct SOC 2 Principles
Choosing the correct SOC 2 TSP boils down to what principles are right for your business, services, and customers.
SOC 2 + Additional Criteria What I Need to Know
What is the SOC 2? At a high level a SOC 2 examination is a report on internal controls of a service organization related to the Trust Service Principles and Criteria (TSPs), which...
Picking between ISO 27001 or SOC 2
With the rising popularity of compliance efforts today driven by factors such as customer demands, regulatory requirements, and/or a company’s willingness to demonstrate their internal...
Which Way Do You Go? HITRUST Certification vs. SOC 2+HITRUST
One of my favorite quotes from Ghostbusters is the exchange between Ray Stantz and Peter Venkman:
A Kinship: SOC 2 and ISO 27001
Have you ever wondered if the ISO 27001 certification is at all similar to a SOC 2 report? Many organizations today are dealing with multiple needs or demands for various compliance assessments...
Sitrion Case Study
See how Sitrion Leveraged Schellman and their SOC 2 to improve their security posture.
SOC 1 Overview
To compete in today's marketplace, your customers must have trust and confidence in your environment.
SOC 2 And You: Updates and Overview
What SSAE No. 18 Means for the SOC 1 Reporting World
The practitioners performing the attestation engagements for SOC reports will not notice very many material changes in the standards; however, there are a few key areas of emphasis worth noting...
HITRUST, Meet SOC 2 – Relationship Advice
HITRUST, or the Health Insurance Trust Alliance, is a security organization and the creator of the Common Security Framework (CSF), "a certifiable framework that can be used by any and all...
Security Checkpoints In Your SDLC?
My SOC 2 auditor says that we must include security checkpoints in our SDLC. If we have really good security process in place and review the code for security issues, why do we still need...
Can I use the HITRUST certification to replace my SOC 1 or SOC 2 report?
Currently, HITRUST is not a replacement for SOC 1 or SOC 2 examinations. HITRUST and the AICPA have recently released a mapping document that identifies the CSF controls that are mapped to SOC 2...
Can An Organization Keep Using The Old TSPs?
My company completes SOC 2 audits annually, and have for the last several years based on the old trust criteria. Our processes and our customer prefer the old criteria. Can we continue to have the...
SOC 2 Type 1 and Type 2: A Quick Overview
Can you provide a quick overview on what a SOC 2 examination snd the difference between a Type 1 and Type 2 report? In early 2011, the AICPA issues its Service Organization Control (SOC) reporting...
Can a SOC 1 be leveraged for a SOC 2?
Technology based service organizations have seen the SOC 2 report gain immense traction over the past couple years.
SOC 2: Overview
What is a SOC 2 examination? How is it different than a SOC 1 examination?
The Value of a Readiness Assessment