Category: Webinar

Why is there a whole criteria on communication? What are the three sub-criteria? What is considered “Relevant Information”? What are the key tactical things I must do, that many miss, to be compliant?

Topics in this webinar include:

• Understand a foundational aspect of SOC 2
• Conceptual understanding of the communication requirements
• Key tasks that can’t be missed
• Get inside your auditor head!

Download the webinar:

The webinar was recorded in June 2020 and we’ve made it available for download by filling out the form below.

Send me the webinar recording and slides:

What does SOC 2 look like on an ongoing basis? What’s the cadence? How do I set it up for success and get back to my “job”? What does my auditor expect to see after the fact?

Topics in this webinar include:

• The key monthly, quarterly, semi-annual and annual activities
• What a typical SOC 2 calendar looks like
• Good evidence strategies
• Get inside your auditor head!

Download the webinar:

The webinar was recorded in May 2020 and we’ve made it available for download by filling out the form below.

Send me the webinar recording and slides:

Why is now the best time to start working on SOC 2? What does SOC 2 preparation look like remotely? What are the advantages and what do I need to know to be successful? What will an auditor have to say?

Topics in this webinar include:

• How to get started
• How to gain momentum
• How to build your team
• How to structure the project
• How to accelerate the implementation

Download the webinar:

The webinar was recorded in April 2020 and we’ve made it available for download by filling out the form below.

Send me the webinar recording and slides:

What is SOC 2 preparation and compliance really like? Is it a set of configurations and security tools? Is it a bunch of documentation we haven’t created yet? Is it something we do? What if the most important thing about SOC 2 isn’t those at all?

Topics in this webinar include:

• How to keep the main thing the main thing
• Set yourself up for success
• How to communicate with ALL stake holders
• Get inside your auditor head!

Download the webinar:

Continue reading The SOC 2 Mindset

How do you deal with the inevitable “impossible” requirement for your organization? What are some common pain points and ways to get around them? How can a risk perspective rescue the conversation? What will be your auditors perspective?

Topics in this webinar include:

• The good and poor way to approach compliance disagreement
• Using risk assessment to make your argument
• Top compensating control strategies
• Get inside your auditor head!

Download the webinar:

Continue reading Breaking SOC 2 Roadblocks

What are the Descriptive Criteria for SOC 2? Why do I have to write the description?  What are the minimum requirements? What else can I include? What will an auditor expect to see?

Topics in this webinar include:

• Understand the 2018 SOC 2 Description Criteria
• Know the minimum requirements
• Take advantage of the marketing opportunity
• Don’t be caught off guard, this will take time!

Download the webinar:

Continue reading SOC 2 System Description

What is a Subservice Organization? A vendor that provides services and controls directly relevant to the service undergoing an audit. Usually a key-component of the service you provide; Processes customer data; Stores customer data; Most relied-upon vendors

Topics in this webinar include:

• How to identify subservice organizations
• How to monitor and evaluate
• What to expect during a SOC 2 audit

Download the webinar:

Continue reading SOC 2 Subservice Organizations

What are the technical monitoring controls look like for SOC 2? What tools will be necessary?  How to you use and configure SIEM and FIM tools? How do we monitor configurations adequately? What will an auditor expect to see?

Topics in this webinar include:

• Understand SOC 2 requirements CC5.1, CC6.6, CC7.1, CC 7.2
• Best practices for technical monitoring
• What to expect during the test and how to make it more effective
• How monitoring can be automated

Download the webinar:

Continue reading SOC 2 Technical Monitoring

Have you started securing your environment for a SOC 2 audit? In this webinar we cover all of the common logical security controls and requirements.

Topics in this webinar include:

• The core components of SOC 2 logical security
• How to approach network security
• Authentication and authorization

Download the webinar:

Continue reading SOC 2 Logical Security