Why Multiple Answers May Be The Right One

November 22, 2017

Organizations in the market for third party assurance on their information security controls and programs often wonder which audit is best for them, and, more importantly, which one is best for their requesting customers.  They ask questions like,

“Would the ISO 27001 certification meet a customer’s needs better than a SOC 1 or SOC 2 examination report?"

These conversations are common, and the answer is that there are options. 

After some thought, what most organizations end up realizing is, that in today’s market, achieving multiple examinations and certifications is the best approach. In this whitepaper we take a dive into why we find this to be true so often.

Previous Flipbook
Most Common Examinations: Compared
Most Common Examinations: Compared

Next Flipbook
Late Out of The Gate: Companies Lagging on GDPR's Controller Accommodation Requirement
Late Out of The Gate: Companies Lagging on GDPR's Controller Accommodation Requirement