This short video explains the SOC 2 security principle and what your organization needs to know to ensure SOC 2 compliance.
The SOC 2 Security Principle is a must-have and should be included in any SOC 2 engagement that does not address privacy. The Security Principle's common criteria eliminate the overlap between each Trust Services Principle and must be reviewed by every organization before being audited against the SOC 2 Security Principle. Read on to find out how your organization should apply the SOC 2 common security criteria.
The history of the SOC 2 Trust Services Principles:
The Service Organization Control 2 (SOC 2) report focuses on non-financial controls in an organization related to security, availability, processing integrity, confidentiality and data protection.
These are also called Trust Services Principles.
In 2014, the SOC 2 Trust Services Principles were updated. One of the most significant changes was to the SOC 2 Security Principle. This change to the Common Criteria helped eliminate the overlap between the Trust Services Principles (TSPs).
Before this update, many SOC 2 reports used the same controls over and over to address the overlapping requirements of the Trust Services Principles. Since the 2014 update, the so-called Common Criteria have been developed, which apply to all SOC 2 audit reports.
For more information on the SOC 2 security principle, see https://kirkpatrickprice.com/video/soc-2-security-principle/
Additional SOC 2 audit resources:
https://kirkpatrickprice.com/audit/soc-2/
https://kirkpatrickprice.com/video/soc-2/