In late 2022, the AICPA updated its guidance on performing System and Organization Controls (SOC) attestations with revised points of focus that offer enhanced context for meeting the criteria in your report. Organizations and their auditors should be aware of the updates and go through an exercise to actively incorporate these revised points of focus […]
Early-stage companies have a lot to contend with, including funding, staffing, infrastructure, product development, and marketing, which can create a chaotic environment. Those that collect personal identifiable information or health information as part of their business model also must add earning their SOC (System and Organization Control) certification to the list. The SOC Report has […]
SOC Report: Why are our Sales & Marketing Teams Insisting we have one?
Prospects may ask for a SOC report as a way to assess the controls and processes in place at an organization before doing business with them. Many organizations, particularly in regulated industries or those that handle sensitive information, are required to demonstrate compliance with relevant regulations and industry standards. A SOC report can be an […]
SOC 2 Meets Death Master File Certification Requirements
The System and Organization Controls (SOC) framework may be mapped to achieve requirements of the National Technical Information Service’s (NTIS) Limited Access Death Master File (LADMF) certification. When choosing SOC 2 to achieve your LADMF certification, businesses may also benefit from the marketing value of their SOC 2 attestation, which demonstrates your commitment to access […]
Strong Password Policy Requirements Protect Data, Systems
It remains a critical and ever-evolving challenge to protect your organization’s data and operations from destructive forces such as unauthorized users, cyberattacks, and data breaches. The first level of security from such attacks is the implementation of strong password policies as a line of defense for an organization’s data security. Balancing risk and user-friendliness is […]
Growth in AAFCPAs’ Business Process & IT Consulting Practice
Boston, MA (8/3/2022) – AAFCPAs, a best-in-class CPA and consulting firm known for tax, assurance, accounting, wealth management, business process, and IT advisory solutions, today announced the addition of Andrew Mathieson and Brenna Mellen. These professionals join the firm’s growing Business Process & IT Consulting Practice, which provides business intelligence & productivity, information risk management & cybersecurity, […]
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.