This presentation will discuss the rising popularity of SOC2 among Service Providers as a standardized way of proving their quality. Besides the regular ISAE 3402 and ISAE 3000 with specific audit criteria, SOC2 offers the opportunity to harmonize and standardize the way IT Service Providers prove their accountability and adherence to important criteria such as Security, Confidentiality and Availability.
The session will address:
- Benefits of SOC2 (and SOC3) for IT Service Providers and their clients
- SOC2 Trust Services Categories
- SOC2 vs. 3000/3402 and vs. ISO certifications
- How to apply SOC2 and how to review SOC reports
- Lessons learned
Speaker: Ronald Koorn
Ronald Koorn is Partner at KPMG IT Assurance & Advisory with 30 years of experience in the field of IT Governance, IT Auditing, Privacy, Security and IT Costing at Service providers and Information clearing houses. He’s also involved in the Knowledge group Privacy & GDPR of ISACA NL.
Speaker: Stefan Zwinkels
Stefan Zwinkels is Manager at KPMG Business Assurance. He specializes in IT assurance at IT Service Providers (ISAE 3402/3000, SOC2, DigiD, etc.) and in advising on how to design and implement internal controls.