Tag Archive: soc3

Here’s Why Regulatory Compliance Is Important

Written by
Published 03/01/2018

The phrase regulatory compliance comes with the onomatopoetic groaning sound made by most people involved in it. Despite what many consider the drudgery of rules and pedantic details, regulatory compliance offers several benefits for companies. Why Regulatory Compliance is an Important Part of Business Today Any compliance officer will tell you that financial safety is the first benefit associated with regulatory compliance. Regulatory noncompliance costs organizations steep penalties. More importantly for the c-suite, regulatory compliance provides guidance that helps businesses succeed.  Compliance law evolved to help create parity in the marketplace while offering consumers a sense of security. Enterprises need compliance to prosper ethically. Often, however, regulatory requirements feel like a quagmire dragging down profitability. Easing compliance management burdens with…

What you need to know about the AICPA’s SOC 2 Content Update

Written by
Published 08/19/2016

The American Institute of Certified Public Accountants recently updated the criteria for the Trust Services Principles (TSP) related to security, availability, processing integrity, and confidentiality (most commonly reported out using SOC 2 and SOC 3). AICPA Assurance Services Executive Committee (ASEC) published the updated TSP in their latest guidance (note: the documentation is available for purchase, but the content is available as part of a ZenGRC subscription). Reporting periods ending on or after December 15, 2016 will be required to use the updated guidance, though early implementation is permitted. The revisions look to further clarify the criteria and eliminate redundancy—continuing the changes made in late 2014—and reflect how rapidly the technology and business environments are changing. What exactly is changing?…

Tags: , , ,
Categorized in:

Changes Are Coming For The Trust Services Principles And Criteria – Are You Ready?

Written by
Published 07/14/2015

This post was originally published on BARR Assurance and Advisory, Inc. In late 2014, the American Institute of Certified Public Accountants updated the criteria for the Trust Services Principles related to security, availability, processing integrity, and confidentiality (most commonly reported out using SOC 2 and SOC 3). Soon, there will be even more updates as proposed in the recent exposure draft. The AICPA’s planned revisions will look to further clarify the criteria and eliminate redundancy while reflecting how much change is occurring in the technology and business environments. These changes may initially seem like a lot of added work on your end, but they are necessary improvements that will actually make your life easier once they go into effect in spring 2016. What exactly is changing? The…

Tags: , , ,
Categorized in:

Selecting the Right Service Organization Control Report for Outsourced Operations

Written by
Published 04/27/2015

This post was originally published on BusinessTips.com. Joe from the marketing department could lose his documents if your outsourced infrastructure isn’t secure. That might not seem like the end of the world (unless you’re Joe), but if a bank’s website goes down, the bank loses money. To help protect you from this situation, the American Institute of CPAs established Service Organization Control reports. While addressing these requirements can be tedious, these reports ensure that service organizations are keeping a close eye on businesses’ information. These reports provide a standardized way to evaluate and report on internal controls at service organizations. But understanding which SOC report is best for your business can be complicated if you’re not fully informed. Increased Outsourcing…

Tags: , , , ,
Categorized in: