HOW SOC 2 SAVVY ARE YOU?

If you’re leading SOC 2 compliance at your organization, then this course is for you.
The MOST comprehensive masterclass for SOC 2 out there, and the ONLY dedicated SOC 2 Master Implementer Certification in existence. 
Oh, and it’s free.
Enroll now

Course curriculum

  1. What is SOC 2 compliance?
  2. AICPA COSO Framework
  3. Trust Service Criteria (‘TSC’) and Point of Focus
  4. Audit Timeline & period
  5. Certification bodies
  1. Defining the scope
  2. Creation of ‘System Description’
  3. Types of Controls 
  4. Gap Analysis
  5. Identifying Gaps and Remediation
  6. Creation and Mapping of Controls
  7. Choosing the Auditing Firm
  1. Control Environment
  2. Risk Assessment
  3. Monitoring Activities
  4. Control Activities
  5. Logical and Physical Access Controls
  6. System Operations
  7. Change Management
  8. Risk Mitigation
  9. Additional Criteria for Availability
  10. Additional Criteria for Confidentiality
  11. Additional Criteria for Processing Integrity
  12. Additional Criteria for Privacy
  1. Shared Responsibility Model
  2. Key Stakeholder Identification
  3. Technical, Procedural, and Administrative Controls Implementation
  4. Prioritization
  1. Policies and Procedures
  2. Passwords and MFA
  3. Risk Mitigation
  4. Risk Assessment
  5. User Access Review
  6. Security Awareness Training
  7. Security Risk Vs Security Vulnerabilities
  8. Endpoint Management and Anti-Malware
  9. Assets Mapping and Classification
  10. Human Resources
  11. Maintenance, Monitoring, and Analysis of Audit Logs
  12. Data Breaches and Disclosures
  13. Crisis Management
  14. Segregation of Duties and Least Privilege
  15. Change Management
  16. Internal Audit
  1. Audit Principles and Concepts
  2. Preparation of Audit
  3. Trust but Verify Approach – Audit Evidence
  4. Types of Audit Procedures Performed
  5. Documentation
  1. Automation of Controls
  2. Real-time Identification of Non-Compliance Issues
  3. Response and Records of Non-Compliance Issues
  1. Communication During An Audit
  2. Audit Procedures and Evaluation of Evidence – Auditors’ Point of View
  3. Drafting Audit Plans
  4. Audit Findings and Deviations
  1. Audit Closing Procedure
  2. Organizing a Closing Meeting and Stating The Conclusion of The Audit
  3. Auditors Opinion Results
  4. Deviations and Management’s Response
  5. Complementary User Entity Controls (CUECs)
  6. Sub Service Organizations Carved Out Controls
  7. Corrective Action Plans For The Following Audit Cycle
  8. Marketing Aspects and Logo Use

Meet our instructors:

Kyle Morris

Kyle is a former KPMG Analyst now serving as a Compliance Success Manager at Scytale helping SaaS companies live out the compliance dream.

Wesley Van Zyl

After 4 years at Deloitte, Wesley is currently a Compliance Success Manager at Scytale where he helps SaaS companies streamline their security compliance.

About this course

Geared towards CISOs, CTOs and Compliance Officers leading SOC 2 in their organizations, this free SOC 2 masterclass provides a comprehensive overview of the fundamentals surrounding SOC 2. 

Upon course completion, students will be awarded a SOC 2 Master Implementer Certification, which means, to put it simply, that they are seriously awesome can take on SOC 2 with their eyes closed.

Enroll now

WHAT OUR CUSTOMERS SAY ABOUT US

  • Omer Rimoch - CTO PayEm

    Omer Rimoch CTO PayEm

    Scytale exceeded our expectations. We continued operating as normal during our audit preparation. Our SOC 2 workflows were super organized, which made it the smoothest process we could have asked for.

  • Yaron Lavi - CTO, Deel

    Yaron Lavi CTO, Deel

    Our SOC 2 audit preparation was smooth sailing. Scytale streamlined the process by providing expert-driven technology. They shared valuable insights about our security systems so we can better protect our customers’ data.

  • Tal Kollender - CEO, GYTPOL

    Tal Kollender CEO, GYTPOL

    We couldn’t have undergone our SOC 2 audit without Scytale. Their team and smart automation made the process simple and timesaving. We gained valuable knowledge about our security systems and had fun working together.

Book a Demo

Scytale is the global leader in InfoSec compliance automation, helping security-conscious SaaS companies get compliant and stay compliant. Our compliance experts offer personalized guidance to streamline compliance, enabling faster growth and boosting customer trust.

SCYTALE
RESOURCES
BLOG

© 2022 Scytale. All rights reserved.

Privacy Policy | Terms of Use | Status Page