Eliminating the blind spot within vendor and supply chain risk management
SOC reports don’t have to be "routine"—maximize your report's value using the SHARPE method. Schellman Director Rob Tylka provides an overview
In Part 2 of our EnergyTech series, Schellman's Grayson Taylor discusses the proactive approaches energy services entities (ESEs) are taking to manage cybersecurity risk and data protection.
The secret to a flawless, stress-free SOC examination experience? Utilizing your company's internal audit team. Schellman's Edward Delgado provides an overview of this invaluable resource.
Hopefully this writing finds you well and adjusting to perhaps the most serious health-related situation in many a lifetime. Perhaps it may find you contemplating preparedness in specific ways.
You most likely selected the link to this blog to discover one of two things: 1) how to effectively manage vendor requirements via SOC reports or 2) what the SOC 1/SOC 2 examination...
It may come as a bit of a surprise—maybe not—but there are actually two types of SOC reports. Upon examination, the service organization is responsible for specifying whether or not a...
1:00:55As SSAE No. 18 is now effective as of May 1st, organizations and their customers will have uncertainty in what the new standard means and how it will affect their SOC 1 reports.
Can my organization successfully complete a SOC 2 but still not successfully complete a SOC 2 + HITRUST?
The first question many service organizations have when they begin the process of researching Service Organization Control (SOC) reports is: which SOC report(s) do they need? The American...
