Convergent Risks, The Cadence Group Announce Partnership for SOC2 Audits
Convergent Risks announced that it has entered into a partnership with The Cadence Group, a key provider of SOC2 compliance audits to provide a combined solution for the M&E sector. The joint approach is already being provided to vendors in the M&E space.
SOC 2 auditing is increasingly relevant to SaaS application providers and is required by some content owners. SOC 2 (System & Organization Controls) is the standard for reporting on security, availability, processing integrity, confidentiality, and privacy controls at a service organization. Many customers of service organizations now require SOC 2 reports prior to engaging in business with these organizations.
Mathew Gilliat-Smith, EVP at Convergent Risks said: “Convergent is well positioned to assist its M&E application vendor customers with SOC2 preparation and remediation before undergoing SOC2 audits by The Cadence Group. Cadence is a highly respected and certified member of the AICPA, the governing and standards body for SOC reporting.”
He went on to say: “Convergent is already providing cloud and application security reviews, web application pen testing, code reviews and privacy compliance to a broad range of M&E vendors and it’s a logical step to assist our customers in leveraging the security verification they have already undergone to avoid a duplication of effort in their preparation for the readiness stages for the SOC 2 Type 1 and Type 2 processes. Vendors will be able to prepare documentation for SOC2 audits using Convergent’s forthcoming management portal, SanctumHub.”
Kevin Abbott, Managing Partner at The Cadence Group said: “We are delighted to be partnering with Convergent Risks not only for SOC2 but also on privacy compliance both of which are becoming increasing requirements across different sectors. We recognize the security expertise that Convergent provides in the M&E sector through its respected teams of highly skilled security assessors. This is a good fit for us as it allows Convergent to provide the M&E expertise they possess, in conjunction with the SOC2 assessment experience we bring.” He went on to say: “The partnership means that we will also be able to provide more support to our clients for privacy compliance through Convergent’s specialist privacy team.”