Resources

Here’s what we’re thinking about, writing about, and reading about.
We hope you find it helpful.

Article

SOC 2 Reports Reimagined: From Burden to Business Enabler SOC 2 Reports Reimagined: From Burden to Business Enabler

Written by

Mike DeKock, Founder and CEO at MJD Advisors

Sep 3, 2024

In the News

Article

Not Your Typical CPA Firm Not Your Typical CPA Firm

A CEO on a mission to guide companies through the ever-changing world of technology.

Article

Compliance Doesn't Have to Disrupt Startup Agility - It Can Boost It Compliance Doesn't Have to Disrupt Startup Agility - It Can Boost It

The word "compliance" might make startup founders shudder as they think of onerous, time-consuming processes, but it doesn't have to be that way.

Article

Debunking compliance myths in the digital era Debunking compliance myths in the digital era

A System and Organization Controls 2 (SOC 2) report shows how compliance can continuously improve an organization and add value.

Written by us

Blog Post

6 min read

Is the auditor’s role in a SOC 2® audit just to find gaps in our system?Is the auditor’s role in a SOC 2® audit just to find gaps in our system?

During the audit process, we might identify gaps or control exceptions, but our role encompasses much more than that.

Blog Post

7 min read

What controls are required for SOC 2® reports?What controls are required for SOC 2® reports?

There is nuance to this question, and other well-meaning and very smart people that I respect might give a different answer. But within the volumes of literature that set the standards, the true answer is this: There are absolutely no control requirements for SOC 2 reports.

Recommended by us

Article

Unlocking Trust: How SOC 2 Validated Our Security Program Unlocking Trust: How SOC 2 Validated Our Security Program

Check out Software Secured's story focused on the process of working on their SOC 2 report with MJD Advisors

Article

Managing the move from ISO 27001 certification to SOC 2 completion Managing the move from ISO 27001 certification to SOC 2 completion

We partnered with SecFix on this article to share the differences between ISO 27001 certification and SOC 2 completion, and how you can leverage your work from one to the other.

Article

Penetration Testing: Why It’s Important + Common Types Penetration Testing: Why It’s Important + Common Types

Penetration testing simulates an outside attack on your applications and network. Drata shares the types of pen tests and how to conduct one to prevent risk.

If you have questions or content you’d like to see, email us at info@mjd.cpa.
For more information on SOC report types and usage, please visit the American Institute of Certified Public Accountant's (AICPA) website.