Menu Close Menu

Menu

Account
Premium

How to Decode Third-Party SOC 2 Reports Recording

Watch Webinar Recording Download Slides

View original event info

Join this webinar to learn how to analyze the effectiveness of a vendor's security controls consistently with the rest of your third-party estate.

PLEASE NOTE. Certificates of Completion for CPE credit are not available for viewing of archived webinars. For GRCP™ holders, viewing of archived webinars will be automatically tracked and recorded in your Certification Dashboard on your Profile on the OCEG™ site and will count toward GRCP™ CPE requirements only.

Instead of completing a full standards-based risk assessment, some vendors simply submit their most recent SOC 2 report. However, for organizations that lack the expertise and resources, interpreting these SOC 2 reports can be complex and time-consuming – not to mention inconsistent with how other vendors are assessed.

How do you simplify the process of analyzing SOC 2 reports and get what you need to visualize important vendor risks?

Join us as we discuss how to analyze the effectiveness of a vendor's security controls consistently with the rest of your third-party estate.


Learning Objectives:

  • Deconstruct a typical SOC 2 report, including the five Trust Services Principles
  • Explain how to map SOC 2 report control exceptions into risks in a common vendor risk and security framework
  • Describe best practices to remediate a vendor's SOC 2 control deficiencies


Speaker:

Thomas Humphreys, Compliance Expert & Content Manager, Prevalent


Featured in: Third Party Management

Related Resources
Back to top
OCEG © 2002 - 2025 OCEG

Terms of Service

Privacy Policy

Refund Policy

support@oceg.org

Contact Us

2942 N 24th St Ste 115 PMB 85352, Phoenix, AZ, 85016-7849, USA

Information & Billing
+1 (602) 234-9278

Principled Performance®, Driving Principled Performance®, Putting Principles Into Practice®, OCEG®, GRC360°®, ActiveLearning®, EventDay® and LeanGRC® are registered trademarks of OCEG®.

Protector Skillset™, Protector Mindset™, Protector Code™, Lines of Accountability™, GRC Professional™, GRCP™, GRC Fundamentals™, GRC Auditor™, GRCA™, GRC Audit Fundamentals™, Data Privacy Fundamentals™, Integrated Data Privacy Professional™, IDPP™, Policy Management Fundamentals™, Integrated Policy Management Professional™, IPMP™, Integrated Audit & Assurance Professional™, IAAP™, Integrated Governance & Oversight Professional™, IGOP™, Integrated Strategy & Performance Professional™, ISPP™, Integrated Risk Management Professional™, IRMP™, Integrated Decision Management Professional™, IDMP™, Integrated Compliance & Ethics Professional™, ICEP™, Integrated Business Continuity Professional™, IBCP™, Integrated Information Security Professional™, IISP™ are trademarks of OCEG®.

You purchased an automatically renewing subscription. Do you want a reminder?

Your automatically renewing subscription is active. It will automatically renew 12 months from your original purchase. If you do not want it to automatically renew, remember that you must cancel BEFORE renewal. OCEG does offer refunds AFTER charges per our Terms of Service. Would you like a reminder?