Preview Mode Links will not work in preview mode

CyberSecurity Sense is LBMC Information Security's podcast that provides insight and updates on such information security topics as: IPS Monitoring and Managed IDS Services, Security Information Event Management, Digital Forensic Analysis, Electronic Discovery and Litigation Support, Computer Security Incident Response, Penetration Testing, Risk Assessments, Security Program Planning, Web Application Security Assessments, ACAB LADMF Certification Assessments, CMS Information Security, FedRAMP, FISMA Compliance, HIPAA Compliance, HITRUST CSF Certifications, NIST 800-171 Certifications, PCI Data Security Standards, SOC Reporting and SOX Compliance. 

Mar 5, 2018

The AICPA Cybersecurity Working Group brought to life a new type of cybersecurity examination report in 2017 known as SOC (System and Organization Control) for Cybersecurity. These reports are intended to provide a consistent approach for evaluating and reporting on an entity’s cybersecurity risk management program and give management the ability to consistently describe its cybersecurity risk management program. Additionally, the flexibility of the reports allows management to use any recognized security framework as a baseline while enabling a CPA to provide independent assurance on the effectiveness of the program’s design.

In this podcast from the Institute of Internal Audit meeting in Knoxville, LBMC Information Security’s Bill Dean and Drew Hendrickson discuss SOC for Cybersecurity reports and what organizations and IT professionals should know about this new report and how it could help their organizations.

Listen, and discover these key takeaways:

  • A brief introduction to SOC for Cybersecurity
  • Elements found within an SOC for Cybersecurity report
  • The role of CPA firms in cybersecurity
  • Differences in SOC 2 versus SOC for Cybersecurity
  • An explanation of who needs SOC for Cybersecurity