SOC for Vendor Supply Chains

Five Questions to Assist With Identifying SOC Report Scope

The SOC reporting process can start with an organization’s desire to communicate to customers and potential customers that the organization’s

SOC 2 Reports: Common Control Exceptions and How to Avoid Them

In performing SOC 2 examinations, we often come across the same types of control exceptions. To assist organizations with avoiding these exceptions, we’ve

SOC 2 Examinations - What Are the Trust Services Criteria and Categories?

The 2017 Trust Services Criteria (TSC), which superseded the 2016 Trust Services Principles and Criteria (TSPC), serves as the control criteria for attestation

How to Decide if a Type 1 or Type 2 SOC Report is Right for Your Organization

In a previous article, we described the differences between SOC 1 reports and SOC 2 reports. Once an organization decides to pursue a SOC 1 or SOC 2 report,

SOC Report Refresher: What Are the Different Types of SOC Reports?

The rise of cloud computing has played a key role with businesses that outsource certain functions to service organizations. Since such organizations are