PwC proposes SOC 2+ to dig into third-party risk
PwC has developed a framework to add to the assurance provided by an SOC 2 report (an AICPA report focused on controls around security, processing integrity, and privacy). PwC calls it an “SOC 2+” approach, building on the SOC 2 reporting principles by allowing a more independent, standardized assessment. Tammy ...
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
Article
Auditors plan deeper dives into outsource provider reports
As guidance changes and regulators continue to hammer on internal controls, auditors are starting to dig deeper into reports provided by outsourced service providers.
-
OpinionSOX was built for humans. AI doesn’t fit that model.
For more than two decades, assurance and compliance frameworks have rested on a simple assumption: Material decisions are made by people. Post‑Sarbanes-Oxley Act (SOX) assurance reset worked because it aligned accountability with human behavior. That assumption shapes how internal controls are designed, how accountability is assigned, and how assurance is ...
-
WebcastCPE Webcast: Hot Topics in Risk and Compliance: AI, Analytics, and Emerging Audit Technologies
Join experts from KPMG, Cisco, and Workiva as they explore how audit, accounting, and finance professionals can leverage a technology mix of data analytics, gen AI, and other tools to ramp up efficiency and strengthen control effectiveness.