Documentation: How Important Is It?

April 7, 2014

When auditors begin to test procedures for compliance examinations (i.e., SOC 1, SOC 2), there are cases where the clients are performing certain tasks; however, they are not documented, which puts the auditors in a precarious position.

 Auditors cannot simply take the clients “word for it”. Documentation of tasks, whether it be via e-mail, sign-offs, spreadsheets or checklists, needs to be in place for auditors to independently verify “XYZ” event did indeed occur and is operating effectively over a period of time.

Have a question? Fill out the form at the bottom of the page.
 

Previous Article
Can a SOC 1 Report Help With Competitive Advantage?
Can a SOC 1 Report Help With Competitive Advantage?

There is no doubt a SOC 1 report may provide a competitive advantage and potentially increase market share.

Next Article
The Persisting Challenges of SOC 2 Reporting
The Persisting Challenges of SOC 2 Reporting

via The Data Center Journal Increasing concerns regarding information security have heightened scrutiny of ...