SOC 2 System Description

What are the Descriptive Criteria for SOC 2? Why do I have to write the description?  What are the minimum requirements? What else can I include? What will an auditor expect to see?

Topics in this webinar include:

  • Understand the 2018 SOC 2 Description Criteria
  • Know the minimum requirements
  • Take advantage of the marketing opportunity
  • Don’t be caught off guard, this will take time!

Download the webinar:

Continue reading SOC 2 System Description

SOC 2 Subservice Organizations

What is a Subservice Organization? A vendor that provides services and controls directly relevant to the service undergoing an audit. Usually a key-component of the service you provide; Processes customer data; Stores customer data; Most relied-upon vendors

Topics in this webinar include:

  • How to identify subservice organizations
  • How to monitor and evaluate
  • What to expect during a SOC 2 audit

Download the webinar:

Continue reading SOC 2 Subservice Organizations

SOC 2 Technical Monitoring

What are the technical monitoring controls look like for SOC 2? What tools will be necessary?  How to you use and configure SIEM and FIM tools? How do we monitor configurations adequately? What will an auditor expect to see?

Topics in this webinar include:

  • Understand SOC 2 requirements CC5.1, CC6.6, CC7.1, CC 7.2
  • Best practices for technical monitoring
  • What to expect during the test and how to make it more effective
  • How monitoring can be automated

Download the webinar:

Continue reading SOC 2 Technical Monitoring

SOC 2 Penetration Testing Requirements

What SOC 2 requirement applies? How do I know we’re ready? What’s the required scope? How do I get the most out of my test?

Topics in this webinar include:

  • When it’s time to schedule a pen test
  • Mistakes found in first-time pen tests
  • What to expect during the test and how to make it more effective
  • How to use pen testing in security awareness training

Download the webinar:

Continue reading SOC 2 Penetration Testing Requirements

GDPR and SOC 2

How do they integrate?

What is GDPR and how do the requirements overlap with SOC 2? What do I need to do to comply with GDPR? How do I integrate SOC 2 and GDPR into one audit process?

Topics in this webinar include:

  • The core components of GDPR compliance
  • How SOC 2 compliance supports GDPR
  • How to include GDPR into your SOC 2 audit process
  • Get inside your auditor’s head

Download the webinar:

Continue reading GDPR and SOC 2

SOC 2 Checklist – Week by Week

What does a weekly project plan and checklist look like for SOC 2 readiness? How do you prioritize practically? What are the key tasks I need to accomplish each week? 

Topics in this webinar include:

  • SOC 2 Checklist
  • 12-week readiness project plan
  • Key tasks prioritized weekly
  • Visual overview of the readiness process
  • Healthy readiness expectations

Download the webinar:

Continue reading SOC 2 Checklist – Week by Week

SOC 2 – Incident Response

What are the SOC 2 expectations for incident response? What do auditors look for? How does incident response interact with change control and risk management? What are some examples?

Topics in this webinar include:

  • The core components of compliant incident response
  • The critical ties to change control and risk management
  • Real world examples
  • Get inside your auditor’s head

Download the webinar:

Continue reading SOC 2 – Incident Response

SOC 2 : A Tactical Approach Webinar

So you have been working on readiness; now what? How do I know I am ready for an audit? What kind of evidence do I need? What, exactly, will an auditor be asking for?  

Topics in this webinar include:

  • What evidence do you need to collect in advance
  • Who in your organization needs to ready
  • What effective compliance management looks like
  • Get inside your auditor’s head

Download the webinar:

Continue reading SOC 2 : A Tactical Approach Webinar