When pursuing a SOC 2 examination, a popular first step for many organizations—particularly those just stepping into the world of compliance for the first time—is the SOC 2 readiness assessment. But for those first-timers who don’t know what to expect from such a process, it might help to have a primer.
Throughout history, warfare has evolved. The Romans did it one way, the Vikings did it another—Sun Tzu, Richard the Lionheart, and the Allied forces all had different tactics that forced opponents to adjust their defenses and strategies.
As technologies continue to advance, corporations will consistently evaluate whether responsibilities should be managed internally or outsourced to a qualified vendor. Whatever criteria your senior management or board of directors use as a benchmark for vendor consideration, questions and concerns should be at the forefront of the vendor management program. A primary consideration is that, while outsourcing tasks may seem like the clear risk management option, the associated risks are not removed from the company. They are just transferred, and they remain a responsibility of the firm collecting and transmitting its customer information.
In the information technology world, there are currently few buzzwords as popular as the term cybersecurity. As CIOs and VPs evaluate the status of their network environment, and decide who will oversee the related processes—including who has the unfortunate task of reporting to the Board