Join this webinar to learn how to analyze the effectiveness of a vendor's security controls consistently with the rest of your third-party estate.
Instead of completing a full standards-based risk assessment, some vendors simply submit their most recent SOC 2 report. However, for organizations that lack the expertise and resources, interpreting these SOC 2 reports can be complex and time-consuming – not to mention inconsistent with how other vendors are assessed.
How do you simplify the process of analyzing SOC 2 reports and get what you need to visualize important vendor risks?
Join us as we discuss how to analyze the effectiveness of a vendor's security controls consistently with the rest of your third-party estate.
- Deconstruct a typical SOC 2 report, including the five Trust Services Principles
- Explain how to map SOC 2 report control exceptions into risks in a common vendor risk and security framework
- Describe best practices to remediate a vendor's SOC 2 control deficiencies
Thomas Humphreys, Compliance Expert & Content Manager, Prevalent
Field of Study: Management Services
Advanced Preparation: None
Program Level: Basic
Delivery Method: Group Internet Based
CPE Credit Notice
This is a group internet-based event for NASBA authorized continuing education credit. OCEG webinars are free for anyone to attend, but only Attendees who have an OCEG All Access Pass will receive a Certificate of Completion for the webinar indicating 1 hour of CPE credit.
OCEG is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have the final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org. For information regarding administrative issues such as complaints or refunds, please contact OCEG at email@example.com.