SOC 2 Compliance Essential Training (2022)
49mBeginner2022-08-03
Authors

AJ Yawn
Cybersecurity Expert, Founder and CEO at ByteChek
Course details
Imagine you're running a successful, fast-growing software company. Your dream customer comes along with the contract that will set your company up for long-term success. But there's something holding up the deal: They want to ensure your application is secure and they want a third party to validate that. This is where SOC 2 comes in. SOC 2 is a compliance framework that helps companies build trust with customers, investors, and prospects, and unlock growth in new markets and verticals through third-party audits. In this course, instructor AJ Yawn helps individuals in any role understand the core concepts of the SOC 2 framework and how companies use this compliance report to build trust with their customers. AJ details the sometimes-confusing and overwhelming documentation, covers what to look for in each section of the report, and how to read SOC 2 reports. He also explains how auditors perform assessments during a SOC 2 examination and what to expect when being audited.
Skills covered
Governance, Risk, and ComplianceCybersecurityLearning
Concepts
0. Introduction
- 01 - SOC 2 compliance
1. SOC 2 Overview
- 02 - Key SOC 2 terms to know
- 03 - Why do companies pursue SOC 2
- 04 - How are SOC 2 reports distributed
2. SOC 2 Report Types
- 05 - SOC 3 101 and use cases
- 06 - SOC 2+ reports and use cases
- 07 - The basics of SOC 2 Type 1
- 08 - Understanding SOC 2 Type 2
3. Sections of a SOC 2 Report
- 09 - Section one - Independent service auditor's report
- 10 - Section two - Management's assertion
- 11 - Section three - System description
- 12 - Section four - Trust Services Criteria and related controls
- 13 - Section five - Information not covered in auditor's report
4. Trust Services Categories (TSCs)
- 14 - SOC 2 - Trust Services Categories scoping
- 15 - The security TSC
- 16 - The availability TSC
- 17 - The confidentiality TSC
- 18 - The processing integrity TSC
- 19 - The privacy TSC
Conclusion
- 20 - Next steps
Related courses
- SOC 2 Compliance Essential Training
- Cloud Security Operations by Pearson
- AI Security Tools and Automation
- Navigate SOC 2 Compliance in the Cloud
- Advanced SOC 2 Auditing: Proven Strategies for Auditing the Security, Availability and Confidentiality TSCs
- Cybersecurity Foundations: Governance, Risk, and Compliance (GRC)
- Cybersecurity Foundations: Governance, Risk, and Compliance (GRC) (2023)
- CISA Cert Prep: 5 Information Asset Protection for IS Auditors