Making SOC 2 Hindsight in 2020

What is best practice prioritization for SOC 2 preparation? What are the top lessons learned from 2019? What are the “gotchas” to avoid? Which criteria require implementation and additional budget? What kind of total budget will I need?

Topics in this webinar include:

  • Prioritized approach for SOC 2 readiness
  • The top 4 audit deficiencies
  • List of common technology expenses
  • Get inside your auditor’s head!

SOC 2 System Description

What are the Descriptive Criteria for SOC 2? Why do I have to write the description? What are the minimum requirements? What else can I include? What will an auditor expect to see?

Topics in this webinar include:

  • Understand the 2018 SOC 2 Description Criteria
  • Know the minimum requirements
  • Take advantage of the marketing opportunity
  • Don’t be caught off guard; this will take time!

SOC 2 Subservice Organizations

What is a Subservice Organization? A vendor that provides services and controls directly relevant to the service undergoing an audit. Usually this is:

  • A key component of the service you provide
  • A vendor that processes customer data
  • A vendor that stores customer data
  • One of your most relied-upon vendors

Topics in this webinar include:

  • How to identify subservice organizations
  • How to monitor and evaluate
  • What to expect during a SOC 2 audit

SOC 2 Technical Monitoring

What do the technical monitoring controls look like for SOC 2? What tools will be necessary? How do you use and configure SIEM and FIM tools? How do we monitor configurations adequately? What will an auditor expect to see?

Topics in this webinar include:

  • Understand SOC 2 requirements CC5.1, CC6.6, CC7.1, CC7.2
  • Best practices for technical monitoring
  • What to expect during the test and how to make it more effective
  • How monitoring can be automated

SOC 2 Penetration Testing Requirements

What SOC 2 requirement applies? How do I know we’re ready? What’s the required scope? How do I get the most out of my test?

Topics in this webinar include:

  • When it’s time to schedule a pen test
  • Mistakes found in first-time pen tests
  • What to expect during the test and how to make it more effective
  • How to use pen testing in security awareness training

GDPR and SOC 2

How do they integrate?

What is GDPR and how do the requirements overlap with SOC 2? What do I need to do to comply with GDPR? How do I integrate SOC 2 and GDPR into one audit process?

Topics in this webinar include:

  • The core components of GDPR compliance
  • How SOC 2 compliance supports GDPR
  • How to include GDPR in your SOC 2 audit process
  • Get inside your auditor’s head

SOC 2 Checklist – Week by Week

What does a weekly project plan and checklist look like for SOC 2 readiness? How do you prioritize practically? What are the key tasks I need to accomplish each week? 

Topics in this webinar include:

  • SOC 2 Checklist
  • 12-week readiness project plan
  • Key tasks prioritized weekly
  • Visual overview of the readiness process
  • Healthy readiness expectations

SOC 2 – Incident Response

What are the SOC 2 expectations for incident response? What do auditors look for? How does incident response interact with change control and risk management? What are some examples?

Topics in this webinar include:

  • The core components of compliant incident response
  • The critical ties to change control and risk management
  • Real world examples
  • Get inside your auditor’s head
