The RISCPoint blog is written by the company's leadership team and our highly-credentialed security assessment experts.
Posts in 'Third Party Reporting'
Decoding the Five SOC 2 Trust Services Criteria
Given the shifting security landscape, SOC 2 reports will only accelerate their role as a prerequisite for conducting business. As such, it's critical for organizations to understand the 5 categories of Trust Services Criteria in order to determine which to include in their respective auditing processes.
Cross Platform Segregation of Duties: The Next Key Report Crisis
When the PCAOB’s Staff Audit Practice Alert No. 11 was released in 2013, it disrupted the entire audit industry, reverberating throughout public companies and the entire internal controls landscape. While eight years have already passed since Staff Audit Practice Alert No. 11 was introduced, current Segregation of Duties controls are poised to face the same level of scrutiny from the PCAOB in this decade.
How To Achieve Compliance Across Multiple Controls Frameworks
Juggling the increasing complexity and volume of compliance requirements can be a daunting task for any organization. More than ever, organizations are being scrutinized by their clients through a growing list of compliance obligations, including SOC 2 Attestation Reports, ISO/IEC 27001:2013 Certification Reports, HITRUST, HIPAA, FedRAMP, and the list goes on. To help your organization make these determinations, RISCPoint has developed this guide to identify the best practices in implementing a cohesive compliance framework for your organization.
SOC for Supply Chain
The digital revolution has granted unparalleled access to increasingly better technology, while empowering businesses and consumers alike. These technological advancements have bridged traditional gaps between entities, vendors, and consumers, bringing them closer together than ever before. As this interconnectivity grows, so does the potential for supply chain risk.
Avoiding the pitfalls of turnkey compliance solutions
Artificial intelligence, data analytics, and machine learning have advanced the security and compliance space. These technologies have enabled businesses to better protect information and systems and have helped auditors better understand environments and perform audits more efficiently, but they bring their own challenges.
SOC 2 Checklists
SOC 2 (System and Organization Controls) reports are becoming a prerequisite for competing in the marketplace. Most companies struggle to meet the SOC 2 compliance requirements, purchase templates that fall short during an audit, or hire firms that force them into predetermined best practices. RISCPoint understands these pain points and has put together this SOC 2 compliance checklist to help your organization succeed with its compliance initiative.