Your organization has to complete a SOC report - what does this mean and how to meet the objectives? You are a consumer or cloud-based services - thus you are required to conduct user access reviews of these cloud services:
• What are these SOC guidance?
• What is the practices and procedures of the audit?
• Which applications do you need to audit?
Esteemed risk management and internal audit expert Raj Sawhney, practice lead from Focal Point, will lead in this discussion with 20+ years of experience on SOC, SOX, cybersecurity, and business processes will help us understand:
• Focus SOC 1 and SOC 2
• Difference between SOC 1 and SOC 2
• Focus: Operational Effectiveness for Type 2 Audit
• User Entity Requirements/Complementary User Entity Controls (CUECs)
• YouAttest for user access reviews
- Focus on user information relevant to application for SOC report
- SOC report for cloud-based services