A flash poll conducted by Baker Tilly Virchow Krause, LLP (Baker Tilly)
indicates 75%
of respondents, having knowledge of their standing with System and
Organization Controls (SOC) 2, said their organization has not yet
evaluated their controls to ensure agreement with the new 2018 Trust
Services Criteria, effective for reports with examination periods ending
after Dec. 15, 2018.
“Organizations undergoing a SOC 2 report should account for key changes
involving compliance now,” Mark Boettcher, senior manager in Baker
Tilly’s risk, internal audit and cybersecurity practice, said. “As a
result of these changes, SOC 2 report recipients should ultimately
notice more transparency in their vendor management programs and gain a
significant advantage in the marketplace over their competition.”
“Clients also report a huge time-savings related to security
questionnaires,” Andy Wittig, senior manager in Baker Tilly’s risk,
internal audit and cyber security practice, said. “Responding to or
processing questionnaires consumes valuable company resources for both
service organizations and report recipients. A SOC 2 helps organizations
standardize that process, and save a lot of time on both ends of the
equation.”
Baker Tilly recently held an educational webinar, “Transitioning between
SOC reports,” providing insight into the key differences between the SOC
1 and SOC 2 report, and why a company receiving a SOC 1 report would
need or benefit from a SOC 2 report.
The webinar presenters discussed:
- The differences between the SOC 1 and SOC 2 report
-
The applicability of the SOC 1 and SOC 2 report and the circumstances
when the use of each report is appropriate -
How to determine if an organization should receive a SOC 2 report, or
if a report should be requested from key vendors. -
What additional effort is needed to perform a SOC 2 examination if a
SOC 1 is already being performed. -
The SOC 2 processing integrity criteria requirements and how they may
or may not overlap with SOC 1 controls.
Presentation slides and a recording of the webinar are available at https://bakertilly.com/insights/transitioning-between-system-and-organization-control-soc-reports.
About Baker Tilly Virchow Krause, LLP (bakertilly.com)
Baker
Tilly Virchow Krause, LLP (Baker Tilly) is a leading advisory, tax and
assurance firm whose specialized professionals guide clients through an
ever-changing business world, helping them win now and anticipate
tomorrow. Headquartered in Chicago, Baker Tilly, and its affiliated
entities, have operations in North America, South America, Europe, Asia
and Australia. Baker Tilly is an independent member of Baker Tilly
International, a worldwide network of independent accounting and
business advisory firms in 145 territories, with 34,700 professionals.
The combined worldwide revenue of independent member firms is $3.6
billion. Visit bakertilly.com
or join the conversation on LinkedIn,
Facebook
and Twitter.
NOTE TO EDITORS:
Baker Tilly Virchow Krause, LLP is a member
of the Baker Tilly International network, the members of which are
separate and independent legal entities. Baker Tilly refers to the
global network of accounting firms of Baker Tilly International Limited.
Each member firm is a separate legal entity. Baker Tilly International
Limited does not provide services to clients.
View source version on businesswire.com: https://www.businesswire.com/news/home/20190507005109/en/