Obtaining a SOC 2 report requires an investment of both time and money for a service organization and, at some point, might seem like more work than it’s worth. However, the advantages to obtaining a SOC 2 report far outweigh the initial investment.
Tag: Confidentiality
Confidentiality vs. Privacy in a SOC 2
In a SOC 2 examination, two of the five Trust Services Principles and Criteria are Privacy and Confidentiality. These two principles can be confusing and may seem to overlap.
Which SOC Report is Right for your Organization?
Recently, we have noticed that clients of service organizations are asking for a “SOC” report in general, and not necessarily specifying which type of report they are looking for [i.e., SOC 1 (f. SSAE 16), SOC 2, or SOC 3].
SOC 3 Reports: When do they make sense?
Some of our clients occasionally ask us when it is a good idea to get a SOC 3 report. The answer for most companies is that a SOC 3 is not necessary.
SOC 2 Common Criteria vs. Old TSPs
On December 15, 2014, the new SOC 2 Common Criteria took effect. What does that mean for your SOC 2 audit?