SOC 2 Compliance and Your Emerging Enterprise

As a leader of a small or mid-sized business (SMB), you may be happy with your current state. However, while not every SMB leader wants to become the next Amazon or Walmart, many do have plans for growth. Here’s how SOC 2 compliance can help emerging enterprises with those plans.

SOC 2 Controls: Regular User Access Reviews

This SOC 2 control focuses on ensuring your company regularly reviews who has access to critical IT infrastructure. For this control, your company must log these reviews and take action to resolve any access issues discovered during a review.
There are many ways to word such a control, and you should work with your auditor to find the precise wording for your company. The control’s wording must be precise, concise, and authoritative.

SOC 2 Compliance: 4 Ways to Prevent Personnel Problems

The global coronavirus pandemic, the Great Recession, and the Great Resignation have significantly disrupted staffing at all levels at many organizations. These issues could also derail or halt your SOC 2 compliance journey. Here are 4 steps to prepare for and mitigate personnel problems:
1) Capture relevant institutional knowledge before it leaves
2) Get your policies together
3) Keep all documentation current
4) Get compliance automation software

Everything Compliance Video Series

SOC 2 Compliance: Questions and Answers with Compliance Expert Bert Friedman

This Q&A session was pulled from a recent episode of Everything Compliance featuring Bert Friedman. Bert Friedman is Head of Compliance at business banking startup Nearside and former Vice President of Compliance for the Financial Intelligence Unit of Chicago’s Community Choice Financial, Inc. Learn what Bert has to say about dealing with auditors and common SOC 2 compliance misconceptions.

SOC 2 Compliance: 6 Steps to a Perfect Audit with Trustero

A SOC 2 audit can take months and cost tens of thousands of dollars. Here are six steps you can take to maximize the likelihood of passing that audit successfully and begin moving toward the multiple business benefits of continuous compliance with Trustero.
1) Establish Scope
2) Develop and Capture Policies
3) Align Policies
4) Identify and Capture Evidence
5) Test Your Evidence
6) Document and Track Progress

SOC 2 Compliance: Experts Refute 5 Common Misperceptions

There are multiple misperceptions about SOC 2 compliance that can delay or even derail your compliance journey. Learn how to avoid these misperceptions from the following auditing, compliance, and cybersecurity experts:
– Liam Collins, Armanino
– Richard Stiennon, IT-Harvest
– Bert Friedman, Nearside
– David Carter, Delta Dental
