SOC 1 & SOC 2 Preparation Checklist
I’ve been hearing from various people in the marketplace that they were interested in learning about some steps, at a high level, that they need to take to get off
I’ve been hearing from various people in the marketplace that they were interested in learning about some steps, at a high level, that they need to take to get off
Criteria, as defined by the SSAE 18 (formerly SSAE 16) guidance are: The standards or benchmarks used to measure and present the subject matter and against which the service auditor
SOC 2 – CC6.3 The entity authorizes, modifies, or removes access to data, software, functions, and other protected information assets based on roles, responsibilities, or the system design and changes,
Some organizations have heard of SAS 70, SSAE 16, and soon to be SSAE 18, but, don’t really know WHY they need to pay to have a bunch of auditors
The first difference between the SSAE 16 and ISAE 3402 Standards is that SSAE 16 requires the service auditor to assess the risk associated with potential “Intentional Acts by Service
So you have been performing a SAS 70 for the last couple years, or, are getting ready prepared to embark on your first SAS 70, and all of a sudden