Uncategorized

SOC 2 CC7: Common Criteria related to System Operations

What is SOC 2 System Operations (CC7)? Organizations are responsible for managing the operation of their systems, which means they need to continuously work to detect, prevent, and address any security issues that may impact their business. Staying on top of monitoring security protocols, preventing and responding to security incidents, and having a plan of […]

SOC 2 CC6: Common Criteria related to Logical and Physical Access

What is SOC 2 Logical and Physical Access (CC6)? Organizations are responsible for controlling logical and physical access to their protected information by using appropriate security software, infrastructure, and architectures. Implementing and maintaining these necessary controls will protect your company’s valuable data and prevent unwanted security events. It will also help you meet the requirements outlined

SOC 2 CC4: Common Criteria related to Monitoring Activities

What are SOC 2 Monitoring Activities (CC4)? Common Criteria (CC) 4 of the SOC 2 Common Criteria covers control monitoring activities recommended to be implemented. Do you have controls in place to perform proactive and reactive monitoring of your systems and controls? Are these proactive evaluations done in all your environments? These are questions you

SOC 2 CC2: Common Criteria related to Communication and Information

What is SOC 2 Communication and Information (CC2)? CC2 of the SOC 2 Common Criteria covers communication and information controls recommended to be implemented. Communication and Information, as with the other Common Criteria, incorporates COSO requirements. Developed by the Committee of Sponsoring Organizations of the Treadway Commission (COSO), these requirements are used to continuously update

Third Party Vendor Management: What You Need to Know

When you’re doing business with third parties, you may be exposing your organization to financial, operational, and reputational risks. While third-party suppliers may be necessary to run your business efficiently, you need to take proactive steps to mitigate risks. This is where vendor management and assessment programs come in. What is Vendor Management? Vendor management
