SOC Type 1 vs SOC Type 2
If you are new to SOC reporting you might be wondering about the different kinds of SOC reports available. Let’s break them down.
Menu
Florida agencies, such as the Florida Highway Safety and Motor Vehicles (FLHSMV), are concerned that their partners have the appropriate internal controls in place to ensure that data is protected from unauthorized access, distribution, use, modification, and/or disclosure. To ensure that these standards are being met, state agencies and vendors must submit an Internal Control and Data Security Audit from a currently licensed Certified Public Accountant.
An Internal Control and Data Security Audit is required to demonstrate compliance with the Florida Cybersecurity Standards (FCS), Rules 60GG-2.001 through 60GG-2.006, Florida Administrative Code (F.A.C.) These standards incorporate guidance from the National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1, and the Federal Information Security Management Act of 2002 (FISMA) (44 U.S.C. S3541, et seq.).
To satisfy these requirements, companies should consider a SOC 2 report with a mapping to the Florida Cybersecurity Standards, to ensure all aspects of the FSC are addressed.
Fill out this form to get in touch with one of our specialists. We’ll be in touch soon to discuss your compliance needs.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
“We engaged Auditwerx for a SOC 2 audit of our fast growing cloud-based security service. The audit itself was thorough, but non-disruptive. The audit team was highly professional and very knowledgeable. We recommend Auditwerx’s SOC 2 services without reservation.”
When it comes to compliance certification, service organizations can often find it difficult to balance customer requirements and ROI.
Our goal is to deliver the efficient compliance assessments you need, at a price that makes sense for your business.
Once we have discussed your needs and current environment, there are several factors that impact our cost estimate:
Unlike most firms, Auditwerx is a true fixed fee firm. Our goal is to provide a service that will not only improve your operations, but also, result in a significant ROI.
Very few of our clients experience amendments. When necessary, they are usually the result of a scope expansion.
Our experienced auditors understand what your organization needs from a SOC report, and our low overhead ensures that our pricing is based on your need.
If you are new to SOC reporting you might be wondering about the different kinds of SOC reports available. Let’s break them down.
AOC, ROC, SAQ – let’s explore the alphabet soup of PCI reporting.
A strong password is the first step to securing your digital life at work, or at home!
