We already have good security, is that enough for SOC 2?

Having good security practices in place is certainly a good start, but often not sufficient for compliance. Security does not equal compliance, and vice versa. Preparing for SOC 2 may include Security (logical & physical), Availability, Integrity, Confidentiality, and Privacy. Newer/smaller companies often prepare for a SOC 2 by creating many of these policies for the first time. The creation of new policy will often lead to the implementation of new preventative and detective controls.

Related Posts

About Us
closeup photo of

Practical Assurance helps companies prepare for compliance with SOC 1, SOC 2, HIPAA, ISO 27001, IISF, and provides ICO and smart contract audits.

Let’s Socialize

Popular Post