Family Business Part 2 Wayne Elliot and Security Audits Mike Dekock

You’ve completed your SOC 2 report. That first-time report can be a lot of work, and it’s worth celebrating while you hang the new AICPA logo on the website. So what’s next?

We get asked a lot about whether penetration testing is required to complete a SOC 2 report. Our latest article explores this question and more.

During the audit process, we might identify gaps or control exceptions, but our role encompasses much more than that.