As of December 15, 2018, the 2017 Trust Services Criteria are officially in effect. Organizations that are issuing System and Organization Controls (SOC 2) Reports will need to ensure that their reports reflect the changes from the previous Trust Services Criteria and Principles. How these changes impact your SOC 2
In June 2018, the Ohio legislature passed Senate Bill 220, known as the Ohio Data Protection Act (the “Act”). The Act takes a new approach to cybersecurity in that it creates an affirmative defense for companies that suffer a data breach if they have a written cybersecurity program in place.
Technology is advancing at a rapid pace and with it comes many changes and opportunities. In the last few years alone, construction companies have integrated new technologies into the workflow to reduce inefficiencies and streamline processes. The integration of tools such as drones, Building Information Modeling (BIM), virtual reality and
The AICPA released a nice comparison of their SOC 2 and SOC for Cybersecurity products. With all of the concern about data security today, the two products can be valuable. However, their titles do not explain the differences in audience, scope, purpose, or contents. Now there is a simple, two-page
While considering the steps necessary to complete the vendor prequalification process, it is important for your organization to come prepared with the right information. At Barnes Dennig, we help companies gain credibility with their vendors every day by generating CPA-provided SOC reports. However, the tables were turned when we found
Cyber attacks on universities and colleges have been on the rise over the past few years. As a result, the Department of Education (DoE) has released guidance that will regulate data security practices in the education industry under the Gramm-Leach-Billey Act (GLBA). The DoE will require universities and colleges to