Obtaining a SOC 2 report requires an investment of both time and money for a service organization and, at some point, might seem like more work than it’s worth. However, the advantages to obtaining a SOC 2 report far outweigh the initial investment.
Internal controls (which include manual, IT-dependent manual, IT general, and application controls) are essential process steps that allow for one to determine or confirm whether certain requirements are being done per a certain expectation, law, or policy. Additionally, internal controls allow auditors to perform tests to gain assurance that a process is designed and operating […]
We hear this question all the time from new clients and prospects. How long will it take for us to prepare the required documentation for a SOC report?
It is easy to feel overwhelmed by all of the terminology surrounding an audit. Here is a list of frequently used terms and their meanings: