What is a SOC 2 auditor?
To obtain a SOC 2 audit and report, an organization’s security measures must be reviewed and verified by a certified auditor. Only licensed CPA firms can perform a SOC 2 examination.
SOC auditors are independent CPAs who work with the SOC (System and Organization Controls) suite to evaluate and report on the controls in place at a service organization, relevant to a set of criteria known as the Trust Services Criteria: Security, Availability, Processing Integrity, Confidentiality, or Privacy. A SOC 2 auditor’s independent verification of an organization’s security systems is intended to help service organizations provide their customers and prospects with valuable information about how they manage data and information security.
Working with a CPA and certified SOC 2 auditor is a key part of obtaining a SOC 2 report.
Join our Coffee and Compliance session, where our experts, Ethan Heller, GRC, Subject Matter Expert at Vanta, and Brad Dispensa,WWPS Specialist SA at Amazon Web Services (AWS) cover some of the challenges of SOC 2 compliance and show how Vanta and AWS work together to simplify and accelerate SOC 2 compliance.