Understanding SOC Reports (For Beginners)
As part of our certifications through ISACA (CISA, CISM and CRISC), we regularly flip through the ISACA Journal dog-earring the pertinent articles and other learning materials available to us through this organization. In looking at one of the prior issues the other day, I again ran across a very insightful article titled Understanding the New SOC Reports. Since we are in the examination program just like financial institutions, we also have to be diligent in our annual vendor reviews and comb through our own vendors’ IT security related and other documentation. As such, this article interested me.