Mar 5, 2018
The AICPA Cybersecurity Working Group brought to life a new type of cybersecurity examination report in 2017 known as SOC (System and Organization Control) for Cybersecurity. These reports are intended to provide a consistent approach for evaluating and reporting on an entity’s cybersecurity risk management program and give management the ability to consistently describe its cybersecurity risk management program. Additionally, the flexibility of the reports allows management to use any recognized security framework as a baseline while enabling a CPA to provide independent assurance on the effectiveness of the program’s design.
In this podcast from the Institute of Internal Audit meeting in Knoxville, LBMC Information Security’s Bill Dean and Drew Hendrickson discuss SOC for Cybersecurity reports and what organizations and IT professionals should know about this new report and how it could help their organizations.
Listen, and discover these key takeaways: