What to Expect in Your First SOC Audit

A company’s first SOC audit generally follows a standard lifecycle (and this applies to both SOC 1 and SOC 2): First your auditor performs a readiness assessment (also called a gap assessment) to help you prepare for your first SOC audit and identify control weaknesses that need to be addressed in […]

A Better Way to Monitor AWS and Azure

A Better Way to Monitor AWS and Azure

  If your organization is subject to a SOC 1 or SOC 2 audit, then you are likely familiar with the vendor management requirements under both reporting frameworks. The American Institute of Certified Public Accountants’ (AICPA) reporting standards for SOC 1 (Section AT-C 320 of SSAE #18) states that: “Management’s description […]

KFi Foundation Update

KFi Foundation Update

One of the best parts of working at KFi is our regular schedule of community service events throughout the year.  These events are a great opportunity to get together as a team, while at the same time helping others who are in need.  We have always strived to make these events […]

The Impact of COVID-19 on SOC Reporting

Background The 2020 audit cycle for organizations that receive SOC reports is going to include new challenges related to COVID-19.  Remote workforces are now the norm throughout the world and there are many new risks associated with this.  For example, the use of insecure personal computers (or those already infected with […]