SOC 2 has the following 5 principles; the principles and their objectives are listed below.
- Common Criteria Security
- Processing Integrity
A SOC 2 report is issued by a CPA firm, which attests a Type 1 report for a point in time and a Type 2 report for a period of time.
The training is aimed at anyone seeking knowledge in implementing the requirements for designing the ‘internal control’, which becomes embedded in the organisation's processes.
At Coral, we have helped several organizations achieve SOC 2 attestation. The lessons learned from these implementations are the background to this 2-day course, which has the following coverage:
- Explain the SOC 2 requirements using the list of Trust Principles
- Impart a step-by-step process to help your organisation design a formal Security program
- Classroom exercises that cover business objective setting, information system identification, risk assessment, control performance reporting, and internal audit
- Interpretation of the individual SOC 2 requirements in easy, role-wise explanations
- Personal feedback to each individual on how he/she performed
Anyone interested in designing, implementing, documenting, and auditing ‘internal controls’. This can include Finance Professionals, IT Security Officers, IT Security Professionals, IT Professionals, Compliance Professionals, GRC professionals, Internal Auditors, Information Security Officers, and Chief Risk Officers.
The course refers to several international best practices, including ISO 27001, SOC 2 – Principles and Criteria, COSO, and Privacy Guidelines.
The course is delivered online (through Webex), and in a classroom setting, depending upon the number of delegates.
Probal Choudhuri, Principal Consultant, is the course author and trainer. He has advised several organisations on achieving SOC 2 compliance.