With our team of experienced ISO and NIST practitioners we help you prepare for new or recurring information security audits or attestations by assessing the status of your organization and reviewing your practices and documentation and by providing remediation advice and guidance.
SOC2 (Service Organization Control) auditing is increasingly relevant to SaaS application providers and is required by some content owners. SOC2 is the standard for reporting on security, availability, processing integrity, confidentiality, and privacy controls at a service organization. Many customers of service organizations now require SOC2 reports prior to engaging in business with them.
Convergent is able to assist its M&E application customers with SOC2 preparation and remediation before undergoing SOC Type 1 and 2 audits by leveraging the security verification they have already undergone, for example, Cloud and Application security reviews, TPN security assessments, Web Application pen testing, Code reviews and privacy compliance. This is a logical step to avoid a duplication of effort and will save on cost.