SOC 2 Plus+ EXAMINATION
The incorporation of additional criteria related to the HIPAA regulations results in a SOC 2 plus+ HITRUST examination. The Health Information Trust Alliance (HITRUST) developed the Common Security Framework (CSF) for organizations that create, access, store, or exchange personal health and financial information. The CSF is an information security framework that incorporates and leverages existing security requirements defined in HIPPA, HITECH, PCI, COBIT, NIST, and FTC regulations and guidance. The scope of this examination is to report on the suitability of the design and operating effectiveness of controls relevant to the security and availability of trust service principles and controls defined in the CCM.
SOC 2 Plus+, Type I Examination
A Type I examination provides an opinion on whether the description of the system fairly represents the design of the controls in place to meet service commitments and system requirements for the selected trust services criteria and additional compliance requirements. A SOC 2 Plus+ Type I examination is performed at a point in time. The distribution of a SOC 2 Plus+ Type I report is restricted.SOC 2 Plus+, Type II Examination
A Type II examination provides an opinion on whether the description of the system is fairly represented and whether the controls designed are operating effectively to meet service commitments and system requirements for the selected trust services criteria and additional compliance requirements. A SOC 2 Plus+ Type II examination is performed over a period of time called a service period. The distribution of a SOC 2 Plus+ Type II report is restricted.SOC 2 Plus+ Examination Benefits
- Demonstrate compliance with other industry certifications in your SOC 2 Plus+ examination
- Gain valuable insight into the management of multiple regulatory requirements through the mapping provided in your SOC 2 Plus+ examination
To learn more about our SOC 2+ Examination services reach out and speak to a SOC2 Services expert today!