SOC Report Selection & Evaluation Aids

April 16, 2011 Tom Hinkel Resources 1 Comment Like

SOC Report Selection & Evaluation Aids

With the SAS 70 phasing out on 6/15, financial institutions have a dual challenge; determining the best report to request, and evaluating the report they are provided. To assist with this challenge, I’ve created two documents.

The first, or Step 1, is a SOC Selection Flowchart, which is available here. This will assist in determining the most relevant report to request from your service provider. Once you register your email address, I’ll automatically send the second (Step 2) document, the SOC Evaluation Flowchart. Step 2 is still under development, as the AICPA has not yet completed the audits guides for the SOC 2 or SOC 3.

You will also have the opportunity to opt in (or opt out) of receiving notice of future regulatory compliance resources, like webinars, white papers, etc. I hope you find the flowcharts and other resources useful.

Download SOC Selection Flowchart

Tags

SAS 70 SOC 1 SOC 2 SOC 3 SSAE 16 Vendor Management

Tom Hinkel

As author of the Compliance Guru website, Hinkel shares easy to digest information security tidbits with financial institutions across the country. With almost twenty years’ experience, Hinkel’s areas of expertise spans the entire spectrum of information technology. He is also the VP of Compliance Services at Safe Systems, a community banking tech company, where he ensures that their services incorporate the appropriate financial industry regulations and best practices.

tom.hinkel@safesystems.com

One comment

Lana Merchen
July 30, 2012

Do we have to have a SOC for compliance when we are submitting a SBA or Farmer Mac loan application. We are a financial instituion regulated by the OCC
Log in to Reply

Write a Comment Cancel reply

You must be logged in to post a comment.

SOC Report Selection & Evaluation Aids

Tags

Share

One comment

Write a Comment Cancel reply