Menu

Menu

Account

How to Decode Third-Party SOC 2 Reports Recording

Watch Webinar Recording Download Slides

Go to event page

Join this webinar to learn how to analyze the effectiveness of a vendor's security controls consistently with the rest of your third-party estate.

PLEASE NOTE. Certificates of Completion for CPE credit are not available for viewing of archived webinars. For GRCP holders, viewing of archived webinars will be automatically tracked and recorded in your Certification Dashboard on your Profile on the OCEG site and will count toward GRCP CPE requirements only.

Instead of completing a full standards-based risk assessment, some vendors simply submit their most recent SOC 2 report. However, for organizations that lack the expertise and resources, interpreting these SOC 2 reports can be complex and time-consuming – not to mention inconsistent with how other vendors are assessed.

How do you simplify the process of analyzing SOC 2 reports and get what you need to visualize important vendor risks?

Join us as we discuss how to analyze the effectiveness of a vendor's security controls consistently with the rest of your third-party estate.


Learning Objectives:

  • Deconstruct a typical SOC 2 report, including the five Trust Services Principles
  • Explain how to map SOC 2 report control exceptions into risks in a common vendor risk and security framework
  • Describe best practices to remediate a vendor's SOC 2 control deficiencies


Speaker:

Thomas Humphreys, Compliance Expert & Content Manager, Prevalent


Featured in: Third Party Management

Related Resources
Back to top
OCEG © 2002 - 2023 OCEG

Terms of Service

Privacy Policy

support@oceg.org

Contact Us

Information & Billing:
+1 (602) 234-9278

Principled Performance, Driving Principled Performance, Putting Principles Into Practice, OCEG, GRC360°, ActiveLearning, EventDay and LeanGRC are registered trademarks of OCEG.

Protector Skillset, Protector Mindset, Protector Code, Lines of Accountability, GRC Professional, GRCP, GRC Fundamentals, GRC Audit, GRCA, GRC Audit Fundamentals, Data Privacy Fundamentals, Integrated Data Privacy Professional, IDPP, Policy Management Fundamentals, Integrated Policy Management Professional, IPMP are trademarks of OCEG.