2019 SOC 2 Compliance Checklist Now Available for Download from NDNB, North America’s Leading Provider of SOC Reports
ATLANTA (PRWEB) January 25, 2019 -- NDNB, North America’s leading provider of regulatory compliance audits, offers an all-new 2019 SOC 2 compliance checklist for download for service organizations seeking to become compliant with the enhanced SOC framework.
1. Start with a SOC 2 Scoping & Readiness Assessment: Learning about SOC 2 – all the technical merits and other important considerations – begins by performing a comprehensive SOC 2 scoping & readiness assessment.
2. Learn more about the SOC 2 Auditing Process: What does an audit actually look like? Good question, so here are some things service organizations need to know. First and foremost, it’s about providing audit deliverables to the auditors. Items such as screenshots of system settings, log reports, memos, and other system outputs are what the auditors are after, so keep this in mind.
3. Determine Next Steps with Critical Remediation: After the successful completion of a SOC 2 scoping & readiness assessment, all service organizations will have some degree of remediation to perform – after all – no single organization ever has a picture-perfect internal control environment.
4. Develop all Necessary Policies and Procedures: Developing all the required information security policies and procedures and other supporting documents is critical for SOC 2 compliance.
5. Undertake Essential I.T./Security/Operational Remediation: While remediating policy documents can be a challenge, don’t forget about critical security remediation initiatives for many of your information systems.
6. Re-assess and Confirm that Remediation is Successful: Once all the remediation activities have been performed, it’s time to validate that the controls are in place and functioning as required.
7. Assess Third-Party Scoping Parameters: Organizations who are in fact outsourcing critical business functions need to be aware of having regularly scheduled due-diligence initiatives for ensuring such outsourcing entities have adequate internal controls in place.
8. Work With your Auditors in Developing Assessment and Testing Criteria: Determine which of the relevant Trust Services Principles and Criteria (TSP) are to be included within the scope of the audit, and what deliverables you are going to provide to the auditors.
About NDNB
Founded in part by former Arthur Andersen and BDO Seidman auditors, NDNB is a nationally recognized firm specializing in a wide range of regulatory compliance audits, I.T. audits, and other compliance & assurance needs for organizations in select markets. Our personnel have years of experience in our select chosen fields of work, possessing a sound working knowledge, interpretation and solid understanding of all relevant regulatory compliance issues and mandates currently affecting our clients.
Christopher Nickell, NDNB, https://socreports.com/, 8002775415 706, [email protected]