SOC 2 + PLus Reports

SOC 2 + reports take mappings a step further and provide an independent third-party opinion on the suitability of design and operating effectiveness of controls relevant to meet other compliance frameworks layered on the SOC 2 trust services criteria, such as;

  • HITRUST Report on Controls Over Protected Health Information

  • ISO 27001/27002 Report on Controls Over Information Security Management Systems

  • NIST SP 800-53 or 800-171 Report on Security and Privacy Controls for Federal Information Systems and Organizations

These reports enable service organizations to provide one comprehensive report that communicates information about the processes and procedures they use to meet other compliance frameworks as well as the applicable trust services criteria relevant to security, availability, processing integrity, confidentiality, and privacy.

Please contact us if you are interested in using the test once, report many approach to your SOC engagement.