BARR’s commitment to building a world of trust through cyber resilience led to some insightful blog posts last year. Dive into BARR Advisory’s three most-read blogs from 2024.
So what goes into a SOC 2 report, anyway? There are five trust services criteria that can be included in a SOC 2 report. Amanda Parnigoni, manager on BARR’s attest services team, explains each criterion so you can better understand what categories you should include in your audit.
When working toward ISO/IEC 27001 certification, your organization will select relevant controls to implement from a checklist called Annex A. Like a portfolio or archive, Annex A consists of a detailed list of security controls that organizations can use to improve their Information Security Management System. In 2022, the ISO/IEC 27001 standard was updated to reflect current security challenges, and one of the biggest changes was within the Annex A controls.
As one of the most thorough cybersecurity assessments an organization can go through, achieving ISO 27001 certification might initially seem daunting. We break down the ISO 27001 certification process so that each step is clear and easy to understand. Director of Attest Services Cameron Kline and Lead ISO Manager Marc Gold answered some frequently asked questions about ISO 27001 and what to expect when working toward the certification.
Are you looking to navigate the ever-changing cybersecurity and compliance landscape? We’re here to help. Contact us today to learn how BARR can benefit you as an audit or consulting partner.