Resources

Here’s what we’re thinking about, writing about, and reading about.
We hope you find it helpful.

In the News

Mike DeKock on Building Competitive AdvantageMike DeKock on Building Competitive Advantage
How do the value creation principles of subjective value, entrepreneurship and creativity apply in a highly technical rules-based environment like SOC Compliance audits. These are objective validations of data security measures based on customer-defined criteria similar to traditional financial audits but more specific and subjective.
READ MORE
READ MORE
Everything you know about audits and compliance is changingEverything you know about audits and compliance is changing
Throughout history, the prevailing narrative surrounding compliance has been one of necessity, not choice, and audits are approached with a sense of inevitability rather than opportunity.
READ MORE
READ MORE

Written by us

What are the keys to success with SOC 2® Reporting?What are the keys to success with SOC 2® Reporting?
It’s natural to feel pressure from your organization's SOC 2 exam. There are people counting on it, the expectations are not always clear, and the idea of potential “failure” will always introduce stress… but it doesn’t need to be that way.
READ MORE
READ MORE
How do I know what categories to choose for my SOC 2® report?How do I know what categories to choose for my SOC 2® report?
In general, all SOC 2 reports must cover the trust services criteria relevant to security, so that is a good place to start.
READ MORE
READ MORE
How do I communicate my new SOC 2® Report? SOC 2 Certified?How do I communicate my new SOC 2® Report? SOC 2 Certified?
We highly recommend you do not use the phrase “SOC 2 Certified." Yes, you see it everywhere, and your competitors are celebrating their certificate - but don’t do it because such a thing does not exist.
READ MORE
READ MORE

Recommended by us

Unlocking Trust: How SOC 2 Validated Our Security ProgramUnlocking Trust: How SOC 2 Validated Our Security Program
Check out Software Secured's story focused on the process of working on their SOC 2 report with MJD Advisors
READ MORE
READ MORE
Managing the move from ISO 27001 certification to SOC 2 completionManaging the move from ISO 27001 certification to SOC 2 completion
We partnered with SecFix on this article to share the differences between ISO 27001 certification and SOC 2 completion, and how you can leverage your work from one to the other.
READ MORE
READ MORE
Penetration Testing: Why It’s Important + Common TypesPenetration Testing: Why It’s Important + Common Types
Penetration testing simulates an outside attack on your applications and network. Drata shares the types of pen tests and how to conduct one to prevent risk.
READ MORE
READ MORE

If you have questions or content you’d like to see, email us at info@mjd.cpa.
For more information on SOC report types and usage, please visit the American Institute of Certified Public Accountant's (AICPA) website.