SOC 2 Plus+ EXAMINATION
The incorporation of additional criteria related to the HIPAA regulations result in a SOC 2 plus+ HITRUST examination. The Health Information Trust Alliance (HITRUST) developed the Common Security Framework (CSF) for organizations that create, access, store, or exchange personal health and financial information. The CSF is an information security framework that incorporates and leverages existing security requirements defined in HIPPA, HITECH, PCI, COBIT, NIST, and FTC regulations and guidance. The scope of this examination is to report on the suitability of the design and operating effectiveness of controls relevant to security and availability trust service principles and controls defined in the CCM.
SOC 2 Plus+, Type I ExaminationA Type I examination provides an opinion on whether the description of the system fairly represents the design of the controls in place to meet service commitments and system requirements for the selected trust services criteria and additional compliance requirements. A SOC 2 Plus+ Type I examination is performed as of a point in time. The distribution of a SOC 2 Plus+ Type I report is restricted.
SOC 2 Plus+, Type II ExaminationA Type II examination provides an opinion on whether the description of the system is fairly represented and whether the controls designed are operating effectively to meet service commitments and system requirements for the selected trust services criteria and additional compliance requirements. A SOC 2 Plus+ Type II examination is performed over a period of time called a service period. The distribution of a SOC 2 Plus+ Type II report is restricted.
SOC 2 Plus+ Examination Benefits
- Demonstrate compliance with other industry certifications in your SOC 2 Plus+ examination
- Gain valuable insight on the management of multiple regulatory requirements through the mapping provided in your SOC 2 Plus+ examination
To learn more about our SOC 2+ Examination services reach out and speak to a SOC2 Services expert today!