Expertise Beyond the Numbers

Helping Enhance Controls and Mitigate Risk for SaaS Providers

Welcome to the new SC&H Podcast Series, where we interview various subject matter experts from SC&H, as well as customers and partners, about the latest audit, tax, compliance and consulting trends.

Following is an exclusive podcast with Paul L. Shifrin, CPA, a Director of Audit Services at SC&H Group, who discusses how Software-as-a-Service (SaaS) can better enhance controls and mitigate risk.

The rise of virtualized systems has created an even greater need for organizations to develop the right controls to protect data that resides in the ‘cloud.’  As such, virtually every organization leverages Software-as-a-Service (SaaS) solutions and they need to know that their sensitive data resides in a highly trusted environment.

With SaaS providers being challenged to demonstrate the establishment and effective operation of internal controls, SC&H Group has launched a new and innovative online tool to help determine readiness to undergo a Service Organization Control 2 (SOC 2) security audit.

Hosted by SC&H Group, the SOC 2 Security Audit Readiness Decisionaire is a new online assessment that instantly provides an organization with advice regarding their readiness for a SOC 2 security audit.

Going through a SOC 2 security audit and receiving a favorable report allows SaaS providers to build-in a level of controls and trust in relationships with clients.

Please be sure to listen to the full podcast interview below about SC&H’s SOC 2 Security Audit Readiness Decisionaire. In addition, Paul was recently a guest contributor to the CloudTweaks blog, and provided the following insights on SOC 2.