Achieving SOC 2 reporting proficiency with our extensible framework
A SOC 2 report is an engagement performed under the AT section 101 and is based on the existing Trust Services Principles (TSP), Criteria and Illustrations. Enhanced SOC 2 reports are called as SOC 2+ reports and can be used to demonstrate assurance in areas that go beyond the (TSP). For this reason, the AICPA has created SOC 2+ in particular, those in industries such as health care and financial services that need to cover additional industry-specific regulations and requirements.
SOC 2+ reports provide an extensible framework to incorporate various industry standards into a SOC 2 report such as the National Institute of Standards and Technology (NIST), the International Standardization Organization (ISO), Health Information Trust Alliance (HITRUST) Common Security Framework (CSF), and the Cloud Security Alliance (CSA) Cloud Controls Matrix.
E Com Security Solutions SOC 2 Certification provide substantial efficiencies for organizations as our SOC 2 reports can be extended to include common control framework and address various industry standards.