25 03, 2019

Kfi White Paper – Small Company Perspectives: How to Tackle SOC 2 If You Have No Board of Directors

2019-03-25T15:33:02-06:00

As service organizations transition to and begin using the 2017 Trust Services Criteria for SOC 2 reporting, some smaller companies are struggling with one of the new criteria related to the board of directors (CC1.2). Specifically, how can they address this criterion if they do not have a board of [...]

20 02, 2019

Practical Control Considerations under the AWS Shared Responsibility Model

2019-02-20T13:02:43-07:00

Consumers are doing more and more of their shopping on Amazon because it is convenient, cost-effective, quick and simple to use.  In a similar respect (and for the same reasons), there are an increasing number of companies moving their IT environments to Amazon Web Services (AWS).  One of the many [...]

10 09, 2018

Kfi Whitepaper – Evaluating Exceptions in a SOC Engagement and Managing the Risk of a Qualified Opinion

2018-09-10T15:20:58-06:00

One of the most challenging aspects of a System and Organization Controls (SOC) engagement is evaluating exceptions / control failures and determining how they will impact the SOC report and whether they will result in a qualified or adverse opinion.  The purpose of this whitepaper is to help service organizations [...]

8 08, 2018

Kfi Whitepaper – Risk Assessment in a SOC 2

2018-08-08T17:07:16-06:00

One of the challenges that many service organizations face while completing a SOC 2 engagement is addressing the risk assessment and risk mitigation criteria found in TSP Section 100: 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality and Privacy (TSC).  Kfi has published a whitepaper to: identify the [...]

12 06, 2018

Fraud Report Highlights

2018-06-12T10:54:23-06:00

One of the most interesting documents that comes across my desk each year is the Global Study on Occupational Fraud and Abuse published by the Association of Certified Fraud Examiners (ACFE).  The 2018 study (which can be downloaded at the bottom of this post) contains an analysis of 2,690 cases [...]

16 09, 2017

Top 10 IT Security Vulnerabilities and Corresponding Controls in SOC Reports

2017-09-16T15:24:21-06:00

The purpose of this whitepaper is to describe prevalent IT security vulnerabilities and the corresponding controls that companies deploy to respond to them. KFI-Top 10 IT Security Vulnerabilities-White-Paper

2 12, 2016

Hello SSAE #18 and goodbye SSAE #16 – How will the new standard impact SOC engagements?

2017-05-29T08:54:48-06:00

SSAE No. 18 is effective for SOC reports, Agreed Upon Procedures and examination reports dated on or after May 1, 2017.  Kfi has prepared a whitepaper summarizing the changes that you can expect relative to SOC reporting.  KFI-SSAENo18-White-Paper    

16 04, 2015

COSO framework for Service Organizations

2017-01-03T15:15:50-07:00

This is a series of posts on how the COSO framework impacts service organizations, particularly those that receive SOC reports: COSO Framework for Service Organizations and SOC Reporting (Part 1 of 3); COSO blog post 2 of 3; COSO blog post 3 of 3.
