Kfi Whitepaper – Risk Assessment in a SOC 2

One of the challenges that many service organizations face while completing a SOC 2 engagement is addressing the risk assessment and risk mitigation criteria found in TSP Section 100: 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality and Privacy (TSC).  Kfi has published a whitepaper to:

  • identify the risk assessment and risk mitigation criteria that must be addressed in every SOC 2 and provide practical guidance to service organizations on how to address them;
  • provide guidance to service auditors on the types of controls that they should look for to address the risk assessment and risk mitigation criteria.

Here is a link to the whitepaper: Risk_Assessment_SOC_2