Change control management for service organizations

Change Control Management for Service Organizations

What is Change Control? Change control is a standardized process by which all changes are introduced into a production environment in a controlled and repeatable manner that ensures only authorized changes are being deployed. For service organizations, the change control process is considered an IT general control and the service organization’s change management controls will […]

Audit Sampling in SOC examinations

Audit Sampling in SOC Examinations

In completing SOC 1 and SOC 2 examinations (and most other types of audits), there is testing involved to determine the operating effectiveness of controls. There are different types of tests that can be applied to testing controls (for more information on the five types of tests refer to our article, Five Types of Testing Methods […]