ISO/IEC 27001: 2022 - Your Guide to the Updates and How to Get (and Stay) Compliant

There is nuance to this question, and other well-meaning and very smart people that I respect might give a different answer. But within the volumes of literature that set the standards, the true answer is this: There are absolutely no control requirements for SOC 2 reports.

Find out why a CPA firm must issue your SOC report and why that's actually a good thing.

Read about why experts say it's time to figure out and document your backup plan for mission-critical systems.