Due Diligence and Ongoing Monitoring

 View Only

SOC 2 for 3rd Party Provider

  • 1.  SOC 2 for 3rd Party Provider

    Posted 12 days ago

    If your vendor (i.e. ABC Company) sends a SOC 2 report for who they use (i.e. Amazon Web Services), and ABC Company does not complete a SOC 2 report themselves, what steps do you take to ensure they have adequate controls in place?