Achieving SOC 2 Compliance: Insights and Experiences with Tag1 Consulting - Tag1 Team Talk

Описание: Find us online at https://www.tag1consulting.com​
Fosstodon: https://fosstodon.org/@tag1consulting
Bluesky: https://bsky.app/profile/tag1consulti...
Twitter: https://x.com/tag1consulting
Facebook:   / tag1consulting  
Reddit:   / tag1_consulting  

Join us in this episode of Tag1 TeamTalks as we delve into Tag1 Consulting's journey to obtaining their SOC 2 attestation. Hosted by Michael Meyers, Managing Director of Tag1 Consulting, this podcast episode features Jeff Sheltren, Partner and CIO at Tag1, who led the SOC 2 efforts, Drew Danner from BD Emerson, and Faisal Khan from Vanta. They share the comprehensive process of achieving SOC 2 compliance, including the importance of SOC 2, the steps involved, the challenges faced, and the significant benefits reaped.

Learn how services and tools from Vanta and expert guidance from BD Emerson made this complex process efficient and manageable. Whether you're thinking about starting your own SOC 2 journey or simply want to understand its impact, this episode offers valuable insights and tips on security, compliance, and continuous improvement.


00:00 Introduction
00:53 Meet the Experts
02:13 Understanding SOC 2
04:42 The Evolution of SOC 2 Compliance
05:51 Why SOC 2 Compliance Matters
08:14 Tag1's Journey to SOC 2 Compliance
11:14 The Role of BD Emerson and Vanta
16:40 Continuous Monitoring and Improvement
21:55 SOC 2 Type 1 vs. Type 2
23:44 Employee Privacy and Manual Processes
24:14 Auditor's Role and Monitoring Window
25:02 Handling Audit Findings and Continuous Improvement
26:15 Third-Party Validation and Benefits
31:12 Challenges and Top-Level Buy-In
39:40 Importance of Speed and Decision Making
41:33 Final Thoughts and Recommendations

#SOC2Compliance #attestation #partnership