all InfoSec news
SOC2 - Is it a reequipment that an organization needs to have controls for "every" common criteria? Or do they pick and choose which to follow?
Jan. 15, 2023, 8:52 p.m. | /u/foxtrot90210
cybersecurity www.reddit.com
For SOC2, Looking at the "`Security`" TSC (which includes 9 common criteria). Does an organization need to have controls for every common criteria or they can pick and chose which ones they want to have apply to them? Example "`Control Environment`" has CC1.1 - CC1.5.
Can someone chose not to apply all five? Or does the organization need to make …
check compliance controls cybersecurity organization security soc2 spell check
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
Financial Crimes Compliance - Senior - Consulting - Location Open
@ EY | New York City, US, 10001-8604
Software Engineer - Cloud Security
@ Neo4j | Malmö
Security Consultant
@ LRQA | Singapore, Singapore, SG, 119963
Identity Governance Consultant
@ Allianz | Sydney, NSW, AU, 2000
Educator, Cybersecurity
@ Brain Station | Toronto
Principal Security Engineer
@ Hippocratic AI | Palo Alto