Attending annual compliance conferences is a way to help your organization become aware of any new developments in the space.
HOW SOC 2 SAVVY ARE YOU?
Oh, and it’s free.
- What is SOC 2 compliance?
- AICPA COSO Framework
- Trust Service Criteria (‘TSC’) and Point of Focus
- Audit Timeline & period
- Certification bodies
- Defining the scope
- Creation of ‘System Description’
- Types of Controls
- Gap Analysis
- Identifying Gaps and Remediation
- Creation and Mapping of Controls
- Choosing the Auditing Firm
- Control Environment
- Risk Assessment
- Monitoring Activities
- Control Activities
- Logical and Physical Access Controls
- System Operations
- Change Management
- Risk Mitigation
- Additional Criteria for Availability
- Additional Criteria for Confidentiality
- Additional Criteria for Processing Integrity
- Additional Criteria for Privacy
- Shared Responsibility Model
- Key Stakeholder Identification
- Technical, Procedural, and Administrative Controls Implementation
- Policies and Procedures
- Passwords and MFA
- Risk Mitigation
- Risk Assessment
- User Access Review
- Security Awareness Training
- Security Risk Vs Security Vulnerabilities
- Endpoint Management and Anti-Malware
- Assets Mapping and Classification
- Human Resources
- Maintenance, Monitoring, and Analysis of Audit Logs
- Data Breaches and Disclosures
- Crisis Management
- Segregation of Duties and Least Privilege
- Change Management
- Internal Audit
- Audit Principles and Concepts
- Preparation of Audit
- Trust but Verify Approach – Audit Evidence
- Types of Audit Procedures Performed
- Automation of Controls
- Real-time Identification of Non-Compliance Issues
- Response and Records of Non-Compliance Issues
- Communication During An Audit
- Audit Procedures and Evaluation of Evidence – Auditors’ Point of View
- Drafting Audit Plans
- Audit Findings and Deviations
- Audit Closing Procedure
- Organizing a Closing Meeting and Stating The Conclusion of The Audit
- Auditors Opinion Results
- Deviations and Management’s Response
- Complementary User Entity Controls (CUECs)
- Sub Service Organizations Carved Out Controls
- Corrective Action Plans For The Following Audit Cycle
- Marketing Aspects and Logo Use
Meet our instructors:
Kyle is a former KPMG Analyst, now serving as a Senior Compliance Success Manager at Scytale, helping SaaS companies live out the compliance dream.
Wesley Van Zyl
After 4 years at Deloitte, Wesley is currently a Compliance Success Manager at Scytale, where he helps SaaS companies streamline their security compliance.
About this course
Geared towards CISOs, CTOs and Compliance Officers, leading the SOC 2 project in their organizations, this free SOC 2 masterclass provides a comprehensive overview of the fundamentals surrounding SOC 2 compliance.
Upon course completion, you will be awarded a SOC 2 Master Implementer Certification, which means, to put it simply, that you’re ready to take on SOC 2 with your eyes closed!
“Where do I even start?”
So why should you start SOC 2 audit training today?
Here’s just a few of the main reasons:
Gain a thorough understanding of SOC 2 compliance and its requirements
Be informed on the process of SOC 2-readiness and the official audit
Gain the skills needed to lead your organization’s SOC 2 compliance project
Develop the knowledge needed to undergo SOC 2 and achieve compliance
Who can apply for free SOC 2 training?
Simply put, ANYONE! We created this course so people can become educated in the fundamentals of SOC 2 compliance and fully understand all the nitty gritty details
But we know if you do not need to learn about SOC 2, you probably won’t. And that’s why when we got the brilliant idea of a SOC 2 Academy, we specifically had in mind those leading the SOC 2 compliance process in their organization. CISOs, CTOs, compliance officers or SOC 2 first-timers, in need of the ultimate SOC 2 crash course, the SOC 2 Academy is calling your name!
Let’s break down the top 10 GRC managers in Israel to keep your eye on in 2023.
Muli Motola, CEO and Co-Founder of accSenSe, explains how Scytale ensured they have a successful audit and get compliant faster.
Here’s everything you need to know about compliance automation and how it redefines compliance management one click at a time.
Ran Magen, CTO and Co-Founder of Lama AI, chats about the value of Scytale's hybrid solution.
We are over the moon to announce that you can now automate PCI DSS with Scytale.
Here’s a handy checklist to help you prepare for your SOC 2 compliance audit.
Nowadays, it's more challenging to consistently protect data. Kick uncertainty to the curb with easy and consistent data compliance!
Here are our top ten tips for information security compliance you need to know about in 2023!
Learn more how to implement effective risk management and creating the right strategy for your business.
Patrick Henz started his career in the Corporate Information Office and Compliance at the end of 2007, when he was responsible for the ...
Discover how to get HIPAA compliant for your startup and why it’s essential in protecting your business.
How can you ensure you're using the right tools to highlight all risks? Businesses need the right risk assessment methodology.
Dave Hatter's one to Dave Hatter is an award-winning technology professional and Cincinnati's top cyber security pro, who has done hundreds ...
Tom Fox is an award-winning founder of the Compliance Podcast Network, a member of the C-Suite Radio Network, and the Voice of Compliance.
WHAT OUR CUSTOMERS SAY ABOUT US
Scytale exceeded our expectations. We continued operating as normal during our audit preparation. Our SOC 2 workflows were super organized, which made it the smoothest process we could have asked for.
Our SOC 2 audit preparation was smooth sailing. Scytale streamlined the process by providing expert-driven technology. They shared valuable insights about our security systems so we can better protect our customers’ data.
We couldn’t have undergone our SOC 2 audit without Scytale. Their team and smart automation made the process simple and timesaving. We gained valuable knowledge about our security systems and had fun working together.