Adam Fowler

SOC 2 Assessments: Common Criteria related to Risk Assessment

What is SOC 2 Risk Assessment (CC3)? Organizations need a firm understanding of enterprise risk assessments to not only properly handle risks within their organization, but to also obtain a clean SOC report thanks to the Common Criteria related to Risk Assessment (pgs. 20-25). When looking at this area, your Company needs to think carefully …

SOC 2 Assessments: Common Criteria related to Communication and Information

What is SOC 2 Communication and Information (CC2)? CC2 of the SOC 2 Common Criteria covers the communication and information controls that are recommended to be implemented. Communication and Information, as with the other Common Criteria, incorporates COSO requirements. Developed by the Committee of Sponsoring Organizations of the Treadway Commission (COSO), these requirements are used to continuously update …

Third Party Vendor Management: What You Need to Know

When you’re doing business with third parties, you may be exposing your organization to financial, operational, and reputational risks. While third-party suppliers may be necessary to run your business efficiently, you need to take proactive steps to mitigate risks. This is where vendor management and assessment programs come in. What is Vendor Management? Vendor management …
