Blog Topic

May 10, 2022

7 reasons a traditional GRC tool is not enough

[5 min read] To the busy CISO, it might seem like implementing a GRC (Governance, Risk and Compliance) tool will be an easy way to create and manage...
Read more
May 9, 2022

The Rise and Fall of SOC 2 audits

[5 min read] Is the AICPA asleep at the wheel? More and more tech companies are seeking to demonstrate their security posture by undertaking a SOC 2...
Read more
February 23, 2022

Who owns data?

[4 min read] Data ownership is a complicated topic, much more complicated than most might think. We often talk about data security in possessive...
Read more
February 7, 2022

Do you know where your data is?

[5 min read] And who has access to it? When I talk to CEOs and security professionals about data security, the one question that continually trips...
Read more
December 3, 2021

How to Prepare for a SOC 2 Audit

[4 min read] Security standards, reports, and certifications are becoming essential for vendors and technology firms. Certifications, such as SOC 2,...
Read more
July 13, 2021

Why preparing for a SOC audit takes more than 2 weeks

[4 min read] Have you ever wished you could run a marathon?  I have run a few and I can tell you it is hard work and takes a lot of training just to...
Read more
June 11, 2020

Renewing your SOC 2 could be easier than you think!

Security certifications are a must for vendors and technology firms. Many organizations choose SOC 2 as a way of demonstrating effective risk...
Read more
October 11, 2019

Why do auditors need to remain independent?

Recent news that PwC (PricewaterhouseCoopers LLP) has agreed to pay US$7.9 million in fines to settle U.S. Securities and Exchange Commission charges...
Read more
September 27, 2019

How To Choose a SOC 2 Auditor: 6 Questions to Ask

When you begin planning for a SOC 2 audit, one of the first big decisions is choosing an external audit firm. You want a firm who can help you...
Read more
September 10, 2019

Measuring the ROI of a SOC 2 Audit

As many companies - and their vendors - are moving data to the cloud, there are often concerns about the security of their sensitive information. In...
Read more
August 15, 2019

5 Trust Service Criteria of a SOC 2 Report

A SOC 2 report has 5 Trust Services Criteria, which have previously been commonly called Trust Services Principles. These Trust Service Criteria are...
Read more
August 5, 2019

SOC 2 vs. SOC 1 or SOC 3: Which SOC Report Do I Need?

A Systems and Organizational Controls (SOC) report provides guidance on standards that should be used for operational and technological business...
Read more
March 19, 2018

How to Prepare for a SOC 2 Audit

Security certifications are fast becoming need-to-haves for vendors and technology firms. Certifications, such as SOC 2, can offer a cost-efficient...
Read more
May 25, 2017

What is a SOC Report? Do I Need One?

SOC stands for Service Organizational Control. There are three types of SOC reports, but we’ll focus on the second one, which is “designed for the...
Read more

1300 17th St N
Suite 850
Arlington, VA 22209

Call Us
1-877-668-5658

Email 
info@ostendio.com

COPYRIGHT © 2022 · OSTENDIO, INC. · ALL RIGHTS RESERVED - PRIVACY POLICY - TERMS OF USE - ACCEPTABLE USE POLICY