SOC 2 & Third-Party Risk Management: Pros and Cons

The AICPA SOC 2 report is an industry-standard framework that vendors can submit as a risk assessment. However, interpreting the reports can be complex, time-consuming, and inconsistent with how other vendors are assessed in your third-party risk management (TPRM) program.

Join compliance experts Alastair Parr and Thomas Humphreys as they explore the pros and cons of using SOC 2 reports in your TPRM program and how to analyze these reports to get what you need.

In this webinar, Alastair and Thomas will discuss:

• Ways that using SOC 2 reports can strengthen your TPRM program
• Where SOC 2 reports can negatively impact your program
• How to map SOC 2 report control exceptions into risks in a common vendor risk and security framework

This webinar is ideal if you plan to use SOC 2 in your TPRM program and how to analyze the effectiveness of a vendor's security controls consistently with the rest of your third-party estate.