This message was posted by a user wishing to remain anonymous
Our Information Security Officer asked me to do a due diligence on the audit firms that audited our third party vendors SOC report.
So, my question is whether we should do a due diligence on these audit firms. And if so how?
I went to the website for PCAOB and of course AICPA , but really couldn't find much about the firms reputation or much else.
Any help would be greatly appreciated.