Search

    The TL;DR of SOC 2

    In 2024, the importance of SOC 2 compliance has reached new heights as businesses increasingly rely on third-party service providers to handle...
    3 min Read

    The acai bowl of compliance

    A fresh take on frameworks. Get your baskets ready, because we’re heading to the fruit market of compliance to see how common frameworks compare to the...
    4 min Read

    The #1 regret startups have about compliance

    Insights from Eden Data’s survey of high-growth organizations.
    2 min Read

    Everything we knew about SOC 2 was wrong

    After 15 years of working with SOC 2 for clients around the world, we needed to issue our own SOC 2 reports for AssuranceLab. It was brutal. And it...
    3 min Read

    Essential Steps and Requirements for SOC 2 Compliance

    SOC 2 reports are independent assessments conducted by certified public accounting firms or other qualified auditors. These reports provide a level of...
    2 min Read

    The timeline, steps, and what’s involved for SOC 2 and other attestations

    Audit requirements, steps involved and associated timelines are steps that go hand in hand. We often hear claims in the market that it will take you...
    3 min Read

    Comparing SOC 2 and ISO 27001 in practice

    The two most common globally recognised, cross-industry, information security standards, are SOC 2 and ISO 27001. Despite about 80% overlap in what...
    4 min Read

    SOC 2 + Options

    SOC 2 + is growing in popularity to combine a commonly accepted information security standard with other specific requirements.
    3 min Read

    Straight to SOC 2 Type 2

    While we recommend a Type 1 prior to Type 2, we've conceded straight to Type 2 is a growing preference. Our focus has shifted to how we can enable it!
    4 min Read

    How to Align Your SOC 2 to the CDR

    The SOC 2 Plus CDR approach to accreditation requires a few tweaks from the standard SOC 2 reporting approach.
    3 min Read

    Why SOC 2 for CDR Accreditation?

    There are three (3) major benefits to achieving accreditation through the more established SOC 2 reporting standard.
    2 min Read

    'Process-Light' SOC 2

    As the leading provider of SOC 2 reports to small-mid size cloud services businesses in Asia-Pacific, we get a lot of questions about how to achieve...
    4 min Read

    SOC 2: The 5 Trust Services Categories

    The SOC 2 audit, which can help demonstrate an organisation's commitment to protecting customer data, provides a level of flexibility that is unique...
    2 min Read

    SOC 2: Solving compliance with one standard

    There’s a reason we almost always recommend SOC 2 as the solution to your compliance requirements.
    3 min Read

    SOC 1, SOC 2, or ASAE 3150 for CDR Accreditation?

    The CDR accreditation requires an independently audited SOC report to demonstrate the minimum set of information security controls.

    4 min Read

    7 Tips for Using Your SOC 2 Report

    You've done the hard work achieving SOC 2. It's time to get value from your investment. How do you communicate this achievement?

    3 min Read

    Automating SOC 2

    It's amazing how many products "automate SOC 2". Many of these solutions are highly effective. None of them "automate SOC 2". Here's why.

    2 min Read

    A Successful SOC 2 Engagement

    We see a lot of variation in the timeline and success of our clients SOC 2 projects. Workvivo set a new benchmark and we explore why.

    1 min Read

    Six Reasons to do SOC Type 1 Reports First

    There's five reasons to obtain a Type 1 report prior to Type 2 report, when it comes to SOC 1 or SOC 2 reporting.

    4 min Read

    SOC 2: Cybersecurity by Accountants

    Why is a security standard is issued and maintained by an accountancy body? What does the AICPA know about cybersecurity?

    2 min Read

    The 7 Steps to SOC 2

    Reach new business opportunities and close deals faster, with 7 steps to achieve SOC 2!

    3 min Read

    SOC 2 Timeline

    What's the timeline for achieving SOC 2?What are the milestones and activities?What should you tell your customers about the timeline?

    1 min Read

    The SOC "Levels"

    SOC 1, SOC 2, Type 1, Type 2 - It's easy to get confused between these terms. What do they mean? What's the difference?

    2 min Read

    How to Pass Your SOC Audit

    Everyone wants the silver bullet for SOC 2. We don't have that, but our tips can ensure you are well set up for success!

    2 min Read

    SOC 2: Introduction

    Have you been asked for a SOC 2 and left wondering what that means?You're not alone, we get that question all the time. Let us explain.

    6 min Read

    SOC 2 Scope: How It’s Defined

    Have you been asked what your SOC 2 scope is? Our clients are often confused by this question. We explore what it means and how it works.

    3 min Read

    What does a SOC 2 Cost?

    How much should you be paying for your SOC 2 report(s)? What are the drivers of the cost?

    3 min Read

    SOC 2 Frequently Asked Questions

    We get all sorts of weird and wonderful questions about SOC 2. We explore the common ones in this FAQ.

    5 min Read

    Myth-busting SOC 2 Reports

    We hear some wacky misconceptions about SOC 2, even from SOC 2 service auditors and consultants. We're out to set the record straight!

    5 min Read
    All posts