CHICAGO--(BUSINESS WIRE)--A flash poll conducted by Baker Tilly Virchow Krause, LLP (Baker Tilly) indicates 86 percent of service organization respondents think they will be impacted by new SOC 2 guidance released by the American Institute of Certified Public Accountants (AICPA) on March 14, 2018.
“As vendor management continues to rise in priority among most organizations, the SOC 2 reporting framework has become an effective tool for providing insight and assurance regarding a service organization’s system to external IT risk and compliance stakeholders,” Mark Boettcher, senior manager with Baker Tilly’s risk, internal audit and cybersecurity practice, said. “Organizations must apply judgment on how to adopt some of the guidance for SOC 2 reports, including augmenting current processes and controls.”
“Organizations with a Sept. 30 period end may think this is an issue that can be addressed next year; however, controls should be in place by the time your next period starts on Oct. 1,” Emily Di Nardo, manager with Baker Tilly’s risk, internal audit and cybersecurity practice, said. “Clients should evaluate the changes and resulting impacts, identify control gaps and verify remediation is conducted to ensure the proper controls are implemented in time.”
Baker Tilly recently held an educational webinar, “System and Organization Controls (SOC): Latest SOC 2 guidance updates and impacts for issuers and recipients,” to help service organizations and SOC 2 report users understand important considerations and key topics under the new guidance.
The webinar presenters discussed:
1. Key updates in the newly released SOC 2 guide, and how they impact
the reports
2. How the new Description Criteria differs for reports
issued with periods ending after Dec. 15, 2018, and what service
organizations and users need to do now to prepare
3. Distinctions
between SOC 2 examinations and SOC for Cybersecurity examinations, as
described in the recent AICPA whitepaper
Presentation slides and a recording of the webinar are available at bakertilly.com/insights/system-and-organization-controls-soc-latest-soc-2-guidance-updates-and-impa
To
better understand the key effective dates that apply to your
organization, review Baker Tilly’s short article highlighting these
compliance deadlines http://bakertilly.com/insights/alert-aicpa-releases-new-guidance-on-system-and-organization-controls-soc-2/
About Baker Tilly Virchow Krause, LLP (bakertilly.com)
Baker
Tilly Virchow Krause, LLP (Baker Tilly) is a nationally recognized,
full-service accounting and advisory firm whose specialized
professionals connect with clients and their businesses through
refreshing candor and clear industry insight. With approximately 2,700
employees across the United States, Baker Tilly is ranked as one of the
15 largest accounting and advisory firms in the country. Headquartered
in Chicago, Baker Tilly is an independent member of Baker Tilly
International, a worldwide network of independent accounting and
business advisory firms in 147 territories, with 33,600 professionals.
The combined worldwide revenue of independent member firms is $3.4
billion.
