Just how well do you understand your vendors SOC report (or the consequences if you don't?)
A Certified Information Systems Security Professional (CISSP) will review your vendor’s SSAE-16, or other available documentation in the absence of an actual SSAE-16. A summary will be delivered so that you can focus on the important components, including the set of controls that you control directly. Highly recommended for critical and/or high risk vendors.
he key benefits of our SOC statement reviews are:
• Five Main Principles. Our team looks for the five main principles of trust: security, availability, processing integrity, confidentiality and privacy
• Experience: Our SOC reviews are performed by trusted CISSP's who take deep dives into the SOC report to call out findings and concerns.
• Cost effective: Adding qualified FTE’s is expensive. Existing qualified FTE’s are stretched thin. Our staff fills resource gaps at a fraction of the cost.
• Confidence: SOC reports can be complex. It’s imperative to understand the contents and any risks identified. Our reviews ensure you never miss anything important regarding the security and safety of your (and your customers) data.
• Easy to Understand: The summary report has easy to understand information with color coded risk rating results.
• Saves Time: We do the tactical work of reviewing the SOC reports leaving you time to focus on the results + any strategic decisions required based on those results.