Successful SOC 2 Approaches to Address Fraud Risk
September 12, 2019, Demarley Holder, Principal, SOC, Coalfire
Coalfire has found that many SOC 2 clients struggle with addressing COSO Principle 8 (fraud risk considerations) because they innately think only about financial fraud risks. Many clients do not understand that fraud risks depend on the nature of the business and the environment in which the business operates, and as such they do not extend their paradigm to consider non-financial fraud risks.
AICPA Releases New SOC 2 Guide – What You Need to Know
April 16, 2018, Jeff Cook, Principal, SOC Practice, Coalfire, CPA, CITP, CIPT, CISA
In March 2018, the American Institute of Certified Public Accountants (AICPA) released its highly anticipated new System and Organization Controls 2 (SOC 2) guide, which includes information for the extant (2016) trust services principles and the new (2017) trust services criteria. The following is a summary of some key highlights in the new guide, what changed, and what to expect for future SOC 2 efforts.
SOC 2 Criteria: Change Is Coming - And You Can Have a Voice
August 07, 2017, Jeff Cook, Principal, SOC Practice, Coalfire, CPA, CITP, CIPT, CISA
SOC 2 reports are an important tool service providers use to give their customers assurances about their service’s security, compliance, privacy, availability, confidentiality and processing integrity by providing details about the service and the related controls that are in place. SOC 2 examinations are conducted by independent CPA firms such as Coalfire Controls, LLC and other credible firms. Periodically, the American Institute of CPAs (AICPA) reviews the standardized criteria used in a SOC 2 examination and makes updates to keep the process relevant and assure it is providing stringent measures for customer organizations’ peace of mind.