To be more competitive, entities are outsourcing specific tasks or entire business functions to third-party service organizations. Although a company can delegate responsibility to service organizations, it is important to remember that you are still accountable for ensuring appropriate controls are in place.
One of the key strategies for understanding and monitoring controls at a service provider is to request a third-party compliance report like a System and Organization Control (SOC) report.
Our professionals shared ways you can utilize the most common compliance reports to help you develop an effective third-party risk management program to consistently assess and manage your technology risks. If you missed the live event, you can find the recording and slides below.
We're sorry, an recaptcha error has occured, please reload the page and try again
David Barton | Managing Director | UHY Advisors
David is the practice leader of UHY’s Technology, Risk & Compliance practice. He has over 30 years of practical experience in information systems and technology risk and controls. David has extensive expertise in IT compliance and attestation including Service Organization Controls (SOC 1®, SOC 2®, SOC 3®), ISO, HIPAA, PCI-DSS, Financial Services (FFIEC, GLBA, GAO, FDIC), SOX IT general and application control.