Marketing & Advertising for Service Providers w/ SOC Report

SOC 2 Report – Trust Services Criteria and Categories

The System and Organization Controls (SOC) 2 Report will be performed in accordance with AT-C 205 (formerly under AT-101) and based upon the Trust Services Principles, with the ability to

Are Service Provider Contract Updates Needed with SSAE 18?

While some companies still request a SAS 70 report (why, who knows…), many contracts now require a SSAE 16 report, and with the change to SSAE 18 many are now

SSAE 18 (SSAE 16) Preparation Tips

This tip is focused on designing controls that reflect the process being testing, if they don’t, a headache of massive proportions will be created once testing begins. What do you

Breaking Down SOC 2 CC6.3 Requirements – Controlling Access Control

SOC 2 – CC6.3 The entity authorizes, modifies, or removes access to data, software, functions, and other protected information assets based on roles, responsibilities, or the system design and changes,

Transition Blueprint: Navigating from SSAE 18 to the New SSAE 22

SSAE 22 was issued a couple years ago, back in December 2020, to supersede AT-C section 210 with three primary changes, apply to both SOC 1 and SOC 2: Description

SSAE 16 Terminology – Carve-out Method

When performing a SSAE 16 Review, you will be inundated with various terms that you may have never heard of before. We plan on continuing with a serious of posts

Get Our Emails

Popular Resources