SOC 2 – Incident Response

What are the SOC 2 expectations for incident response? What do auditors look for? How does incident response interact with change control and risk management? What are some examples?

Topics in this webinar include:

  • The core components of compliant incident response
  • The critical ties to change control and risk management
  • Real world examples
  • Get inside your auditor’s head


SOC 2: A Tactical Approach Webinar

So you have been working on readiness; now what? How do I know I am ready for an audit? What kind of evidence do I need? What, exactly, will an auditor be asking for?  

Topics in this webinar include:

  • What evidence do you need to collect in advance
  • Who in your organization needs to be ready
  • What effective compliance management looks like
  • Get inside your auditor’s head


Goal 2019! Get a SOC 2 Audit – Webinar

What resources do I need? How do I prioritize? What are the timelines? What are ALL the expenses I need to know about? When and whom do I engage?

Topics in this webinar include:

  • Key success factors for SOC 2 completion
  • Healthy resource expectations
  • Practical strategies for readiness and audit
  • Overall understanding of the SOC 2 process


How to Fail a SOC 2 Audit – Webinar

What are some of the most common areas that cause audit failure? Can you get your team organized, kickstart the project, and take it fully to success? Where do most audit projects break down?

Topics in this webinar include:

  • Qualified Report vs Exception
  • How to set up a SOC 2 project for success
  • Common audit exceptions
  • Get inside the head of a SOC 2 auditor


SOC 2 – Human Resources Management

What do I need to know before the auditor shows up? Why does SOC 2 care about HR policy and practices and what are the relevant HR requirements? How do I incorporate the requirements over external parties and communications? Even more germane, how do I properly document for the audit?

Topics in this webinar include:

  • The relevant SOC 2 criteria impacting human resource management
  • The HR requirements that apply to customers, vendors, and communications
  • How to create auditable evidence
  • Get inside the head of a SOC 2 auditor


SOC 2 Vulnerability Management Webinar

What are the SOC 2 requirements as they relate to vulnerability management? What do I need to watch out for when I schedule a penetration test? What are others doing to comply cost-effectively?

Topics in this webinar include:

  • The relevant SOC 2 criteria impacting vulnerability management
  • How to compliantly configure a penetration test
  • Cost-effective strategies to comply with SOC 2
  • Get inside the head of a SOC 2 auditor


SOC 2 Vendor Management Webinar

In this webinar we team up with Blissfully, a SaaS management company that recently completed their own SOC 2 Type II.

What are the SOC 2 criteria for Vendor Management? What’s required to properly assess my vendor’s security? What will my SOC 2 auditor expect to see? What are the best practices others are using?

Topics in this webinar include:

  • Why vendor management is critical
  • What it means for SOC 2
  • How to leverage software
  • War stories from a recent audit
  • Sample vendor management audit questions


Whitepaper: How to Talk About SOC 2 Before You’ve Done It

SOC 2 is a phrase that can strike fear and confusion into startups and small businesses, but there’s an easy way to talk about and respond to SOC 2 requests long before you undergo the time and expense of a formal SOC audit.

Most startups and SMBs first encounter the term “SOC 2” during the sales process when a customer asks if you are “SOC 2 compliant” or have a “SOC 2 certification.” In many cases, the customer or prospect doesn’t even know what SOC 2 really is, or what goes into a SOC 2 audit. They’ve just been told by their compliance director or security officer (or the pundit at an industry conference or webinar) that all vendors must “be SOC 2” to do business with their company. SOC 2 is as much a buzzword to many companies as it is an actual policy.

You can win SOC 2-contingent business by showing you understand the point of SOC 2, and that you can deliver SOC 2-style reliability even before you obtain formal compliance. The trick is understanding SOC 2 first.


SOC 2 Self-Attestation Webinar

In this webinar we cover what to do before you have an audit. How do you build trust with customers? What documentation should you have ready to share? Is there ever a time when it makes sense to wait to have an audit performed? What if an audit seems too expensive?

Topics in this webinar include:

  • SOC 2 Preparation
  • Building Artifacts
  • Self-Attestation
  • Tracking Compliance
  • Documentation Examples
