Go West IT just completed our second annual SOC 2, Type 2 audit. This is an expensive and time consuming process and it absolutely makes us better every single year.
SOC stands for Service Organization Controls and a Type 2 audit tests our use of and adherence to a defined set of controls over the course of a year. We won’t receive our results in the form of a SOC audit report for another thirty days or so but I already know it was worth the expense and effort. Go West IT learns something and improves each time we conduct an internal review, assessment, and our annual SOC audit. These exercises make us better and in turn deliver greater value to our customers.
A SOC audit is a great way for your organization to get information about how your vendors and partners have designed controls for security, availability, confidentiality, processing integrity, and confidentiality or privacy. The SOC report provides you with a list of the tested controls that are audited by a third party and lists out exceptions that were uncovered during the audit period. It is a great way for you to validate the statements that most companies make about how they care for your information.
A SOC audit is no guarantee of security but it is a good indication that a business spends time and effort developing systems and controls to mitigate risk.
If you are a Go West IT customer and would like to see a copy of our SOC audit please just contact your Account Manager and we will make sure you get a copy of the report as soon as it is delivered. Please contact me directly if you have questions about the SOC audit process or what controls Go West IT has implemented to protect our customers.
Last but not least, please spend a few minutes thinking about how your organization might improve by assessing risks and taking action to implement controls to mitigate risk. Please just call Go West IT if you want help taking the first step.