Managing the move from ISO 27001 certification to SOC 2 completion

There is nuance to this question, and other well-meaning and very smart people that I respect might give a different answer. But within the volumes of literature that set the standards, the true answer is this: There are absolutely no control requirements for SOC 2 reports.

We get asked a lot about whether penetration testing is required to complete a SOC 2 report. Our latest article explores this question and more.

AI is unchartered territory for many companies; however, the more it evolves, the more it becomes clear that AI adds critical business value when used responsibly.