SOC 2 – Human Resources Management

What do I need to know before the auditor shows up? Why does SOC 2 care about HR policy and practices and what are the relevant HR requirements? How do I incorporate the requirements over external parties and communications? Even more germane, how do I properly document for the audit?

Topics in this webinar include:

  • The relevant SOC 2 criteria impacting human resource management
  • The HR requirements that apply to customers, vendors, and communications
  • How to create auditable evidence
  • Get inside the head of a SOC 2 auditor

Download the webinar:
Continue reading SOC 2 – Human Resources Management

SOC 2 Vulnerability Management Webinar

What are the SOC 2 requirements as it relates to vulnerability management?
What do I need to watch out for when I schedule a penetration test? What are others doing to comply cost-effectively?

Topics in this webinar include:

  • The relevant SOC 2 criteria impacting vulnerability management
  • How to compliantly configure a penetration test
  • Cost-effective strategies to comply with SOC 2
  • Get inside the head of a SOC 2 auditor

Download the webinar:
Continue reading SOC 2 Vulnerability Management Webinar

SOC 2 Vendor Management Webinar

In this webinar we team up with Blissfully, a SaaS management company that recently completed their own SOC 2 Type II.

What are the SOC 2 criteria for Vendor Management? What’s required to properly assess my vendor’s security? What will my SOC 2 auditor expect to see? What are the best practices others are using?

Topics in this webinar include:

  • Why vendor management is critical
  • What it means for SOC 2
  • How to leverage software
  • War stories from a recent audit
  • Sample vendor management audit questions

Download the webinar:
Continue reading SOC 2 Vendor Management Webinar

SOC 2 Self-Attestation Webinar

In this webinar we cover what to do before you have an audit. How do you build trust with customers? What documentation should you have ready to share? Is there ever a time when it makes sense to wait to have an audit performed? What if an audit seems to expensive?

Topics in this webinar include:

  • SOC 2 Preparation
  • Building Artifacts
  • Self-Attestation
  • Tracking Compliance
  • Documentation Examples

Continue reading SOC 2 Self-Attestation Webinar

SOC 2 Risk Analysis Mock Audit Webinar

Risk analysis and risk management is one of the most important processes of SOC 2 preparation. A finely tuned process helps organizations ensure that they are prioritizing for the right things, and not spending unnecessary money. Risk assessment is the process of identifying assets, impact of asset loss, and likelihood of occurrence. Risk management is the process of selecting controls or other risk responses to adequately prepare for negative events.

In this webinar we cover the key processes that should be focused on when building a risk assessment and management program. We help you prepare for the unknown and ask questions that may come up in an audit. We review several risk registers as well as cover common audit questions.

Topics in this webinar include:

  • Risk Analysis Policies
  • Risk Management Process
  • Asset Inventory
  • Mock Audit Questions
  • Audit Gotchas

Continue reading SOC 2 Risk Analysis Mock Audit Webinar

SOC 2 Change Management Mock Audit Webinar

Change management is one of the first processes companies should focus on in a SOC 2 readiness project. Topics such as authorization, peer review, quality assurance, and documentation can be approached many different ways. Change management is a “daily process” in most organizations and can have a significant impact on the success of a SOC 2 audit. Additionally, change management procedures impact a number of employees include developers, quality assurance, and product management personnel. It’s critical “get it right.”

In this webinar we cover the key processes that should be focused on when planning for change management. We help you learn to think like an auditor and be fully prepared for anything that may come up. We review sample audit requests and then cover the details audited in change tickets.

Topics in this webinar include:

  • Change Management Policy
  • Change Management SDLC Documentation
  • Mock Audit Questions
  • Change Management Toolset
  • Audit Gotchas

Continue reading SOC 2 Change Management Mock Audit Webinar

SOC 2 Prioritization Webinar

One of the most important aspects of a SOC 2 readiness project is ensuring that the right steps are prioritized. The requirements are numerous and SOC 2 newbies often struggle in determining what to tackle first. After years of experience we’ve developed a preparation approach that will guide you to doing the right things at the right time.

In this webinar we cover the key processes that should be the focus of your first few weeks of SOC 2 preparation. We look at the business processes that occur most frequently as well as approaches to mitigate security risks early. Too often organizations get caught up in checking the boxes trying to be “compliant” and fail to step back and address true security risks.

Topics in this webinar include:

  • The SOC 2 Timeline
  • Change Management Requirements
  • HR Requirements
  • Vulnerability Management Requirements
  • Risk Management Requirements
  • Conducting a SOC 2 Gap Analysis

The webinar was recorded in April 2018 and we’ve made it available for download by filling our the form below.

Continue reading SOC 2 Prioritization Webinar