Introduced in 2011, Service Organization Control (SOC) reports are becoming more and more popular in data security and compliance discussions with every passing year, especially SOC 2. But what is a SOC report? Which one do you need? Why is a SOC 2 report so important? Do you actually need it, or is it something that just looks good on paper?
There are three types of SOC reports, but we’ll mainly talk about the second one for now, which is “designed for the growing number of technology and cloud computing entities that are becoming very common in the world of service organizations,” according to ssae16.org. If a SOC 1 report handles the financial transactions a company makes, SOC 2 reports on the security behind those financial transactions, making it more relevant than ever in the growing wake of credit card fraud and data breaches.
There are tonnes and tonnes of misconceptions, myths and conspiracy theories floating around about what SOC2 compliance is all about, ranging from insanely naïve to uber complicated. So, what’s it all about? Join me as I summarise our years of experience in SOC2 in a nutshell:
1. Background to SOC2
2. Are you required to be compliant?
3. Differentiating – SOC1, SOC2, and SOC3
4. Selecting SOC 2 Principles - What Are SOC 2 Trust Service Principles?
5. Type1 or Type2, which reporting format do you need?
6. Defining the difference between ISO27001 and SOC2 in InfoSec
About Us
Established in 2004, VISTA InfoSec has been involved from day one in providing vendor-neutral consulting services in the areas of Information Risk Compliance and Infrastructure Advisory Services. Vista Infosec most commonly provides advice on SOC 1, SOC 2, PCI DSS, HIPAA, HITRUST, GDPR and ISO 27001. It has offices in Mumbai, Singapore and the USA and offers services to clients all over the world.
For more about Vista InfoSec: http://vistainfosec.com
Published on 12 Apr 2018