PwC proposes SOC 2+ to dig into third-party risk
PwC has developed a framework to add to the assurance provided by an SOC 2 report (an AICPA report focused on controls around security, processing integrity, and privacy). PwC calls it an “SOC 2+” approach, building on the SOC 2 reporting principles by allowing a more independent, standardized assessment. Tammy ...
Related articles
-
Article
Auditors plan deeper dives into outsource provider reports
As guidance changes and regulators continue to hammer on internal controls, auditors are starting to dig deeper into reports provided by outsourced service providers.
-
News BriefCommunication and relationships is increasingly critical for compliance teams
Compliance is increasingly in the spotlight as companies are tackling everything from artificial intelligence and other new technologies to risk management and mitigation. But it’s soft skills of communication and relationship building that are becoming the most critical tools for success.
-
AnalysisA lot of us are misusing AI at work, and it’s putting our companies’ data, reputations at risk
Almost half of employees in a new global survey admitted to improperly using AI at work, underscoring the risks companies face by the fast-growing technology. And that’s despite many of their efforts to slow its use.