SOC2 (Service Organisation Control) auditing is increasingly relevant to SaaS application providers and is required by some content owners. SOC2 is the standard for reporting on security, availability, processing integrity, confidentiality, and privacy controls at a service organisation.
Many customers of service organisations now require SOC2 reports prior to engaging in business with them.
Convergent is well-positioned to assist its Media and Entertainment application customers with SOC2 preparation and remediation before undergoing SOC Type 1 and 2 audits. The Convergent Team will assist service providers in their preparation for these audits by leveraging the security verification they have already undergone, for example, Cloud and Application security reviews, TPN security assessments, Web Application pen testing, Code reviews and privacy compliance. This is a logical step to avoid a duplication of effort and will save on cost.
Convergent Risks partners with The Cadence Group for SOC1 and 2 audits. Cadence is a highly respected and certified member of AICPA and will be able to provide this auditing service in the Media and Entertainment space.