Resources

Here’s what we’re thinking about, writing about, and reading about.
We hope you find it helpful.

Article
SOC 2 Reports Reimagined: From Burden to Business EnablerSOC 2 Reports Reimagined: From Burden to Business Enabler
Written by
Mike DeKock, Founder and CEO at MJD Advisors
Sep 3, 2024

In the News

Article
Thoughtful Risk Assessments: Empowering Innovation and SecurityThoughtful Risk Assessments: Empowering Innovation and Security
Learn how completing thoughtful risk assessments can be a strategic advantage.
READ MORE
READ MORE
Article
Changing Mindsets: The Benefits of Compliance for EdTechsChanging Mindsets: The Benefits of Compliance for EdTechs
For EdTech leaders, it's important to know what's going on in today's compliance landscape and how it can work in your favor.
READ MORE
READ MORE
Blog Post
EdUp AI podcastEdUp AI podcast
Mike DeKock talks to Jason Gulya on the EdUp AI podcast focused on building a blueprint for how colleges can leverage artificial intelligence.
READ MORE
READ MORE

Written by us

Blog Post
7 min read
What controls are required for SOC 2® reports?What controls are required for SOC 2® reports?
There is nuance to this question, and other well-meaning and very smart people that I respect might give a different answer. But within the volumes of literature that set the standards, the true answer is this: There are absolutely no control requirements for SOC 2 reports.
READ MORE
READ MORE
Blog Post
6 min read
Is the auditor’s role in a SOC 2® audit just to find gaps in our system?Is the auditor’s role in a SOC 2® audit just to find gaps in our system?
During the audit process, we might identify gaps or control exceptions, but our role encompasses much more than that. 
READ MORE
READ MORE
Blog Post
8 min read
How do I communicate my new SOC 2® Report? SOC 2 Certified?How do I communicate my new SOC 2® Report? SOC 2 Certified?
We highly recommend you do not use the phrase “SOC 2 Certified." Yes, you see it everywhere, and your competitors are celebrating their certificate - but don’t do it because such a thing does not exist.
READ MORE
READ MORE

Recommended by us

Article
Penetration Testing: Why It’s Important + Common TypesPenetration Testing: Why It’s Important + Common Types
Penetration testing simulates an outside attack on your applications and network. Drata shares the types of pen tests and how to conduct one to prevent risk.
READ MORE
READ MORE
Article
How Penetration Testing Increases Your ROI of ISO 27001 ComplianceHow Penetration Testing Increases Your ROI of ISO 27001 Compliance
Software Secured shares exactly how penetration testing increases the ROI of your ISO 27001 compliance.
READ MORE
READ MORE
Article
ISO/IEC 27001: 2022 - Your Guide to the Updates and How to Get (and Stay) CompliantISO/IEC 27001: 2022 - Your Guide to the Updates and How to Get (and Stay) Compliant
Echelon Risk + Cyber, in this article, breaks down everything you need to know about the ISO 27001: 2022 updates.
READ MORE
READ MORE

If you have questions or content you’d like to see, email us at info@mjd.cpa.
For more information on SOC report types and usage, please visit the American Institute of Certified Public Accountant's (AICPA) website.