Resources

Here’s what we’re thinking about, writing about, and reading about.
We hope you find it helpful.

Article
SOC 2 SurprisesSOC 2 Surprises
Written by
Mike, DeKock, CPA, CEO
Apr 4, 2025

In the News

Article
Everything you know about audits and compliance is changingEverything you know about audits and compliance is changing
Throughout history, the prevailing narrative surrounding compliance has been one of necessity, not choice, and audits are approached with a sense of inevitability rather than opportunity.
READ MORE
READ MORE

Written by us

Article
SOC 2® Reports and Penetration TestsSOC 2® Reports and Penetration Tests
We get asked a lot about whether penetration testing is required to complete a SOC 2 report. Our latest article explores this question and more.
READ MORE
READ MORE
Blog Post
7 min read
What controls are required for SOC 2® reports?What controls are required for SOC 2® reports?
There is nuance to this question, and other well-meaning and very smart people that I respect might give a different answer. But within the volumes of literature that set the standards, the true answer is this: There are absolutely no control requirements for SOC 2 reports.
READ MORE
READ MORE
Blog Post
6 min read
Is the auditor’s role in a SOC 2® audit just to find gaps in our system?Is the auditor’s role in a SOC 2® audit just to find gaps in our system?
During the audit process, we might identify gaps or control exceptions, but our role encompasses much more than that. 
READ MORE
READ MORE

Recommended by us

Article
The Truth About AuditsThe Truth About Audits
Jemurai talks about the good, bad, and ugly they see around cybersecurity audits.
READ MORE
READ MORE

If you have questions or content you’d like to see, email us at info@mjd.cpa.
For more information on SOC report types and usage, please visit the American Institute of Certified Public Accountant's (AICPA) website.