How to Decode Third-Party SOC 2 Reports Slide Deck

How to Decode Third-Party SOC 2 Reports Slide Deck
Slide Deck filed in Controls , Third Party Management

Join this webinar to learn how to analyze the effectiveness of a vendor's security controls consistently with the rest of your third-party estate.

Instead of completing a full standards-based risk assessment, some vendors simply submit their most recent SOC 2 report. However, for organizations that lack the expertise and resources, interpreting these SOC 2 reports can be complex and time-consuming – not to mention inconsistent with how other vendors are assessed.

How do you simplify the process of analyzing SOC 2 reports and get what you need to visualize important vendor risks?

Join us as we discuss how to analyze the effectiveness of a vendor's security controls consistently with the rest of your third-party estate.


Learning Objectives:

  • Deconstruct a typical SOC 2 report, including the five Trust Services Principles
  • Explain how to map SOC 2 report control exceptions into risks in a common vendor risk and security framework
  • Describe best practices to remediate a vendor's SOC 2 control deficiencies


Speaker:

Thomas Humphreys, Compliance Expert & Content Manager, Prevalent


Share