SOC 2 Audit Changes.
Most Americans are aware of April 15th, the traditional date for filing taxes in the U.S. If you are a privately owned technology service provider that manages and stores personal data, then there is another deadline that falls on the 15th that should concern you. Starting December 15, all companies that currently undergo Security Organizations Controls Report (SOC) or SOC 2 audits must comply with the new guidance and Trust Services Criteria that was established in the 2017 amendment. The changes are a result of mapping SOC 2 controls to the 17 principles of the widely adapted internal control framework created by the Committee of Sponsoring Organizations (COSO).