SOC II and ISO 22301

Guest user Created:   Jan 22, 2016 Last commented:   Jan 22, 2016

Antonio Jose Segovia Jan 22, 2016

How similar are 22301 and SOC II? We are already doing SOC II. Will we be able to leverage some of the work we've done for SOC II for 22301?

Answer:
SOC II has some points where it speaks about availability (references CC3.3 and A1.1 in SOC 2), system recovery, recovery plans (references A1.1, A1.2, A1.3 in SOC 2), etc., which are directly related to ISO 22301 (mainly with section 8), although ISO 27001 has more points in common with SOC II. So, if you have implemented SOC II, the implementation of ISO 27001 will be easier than that of ISO 22301 (although ISO 22301 will also be easy).

This information, from the official site of the American Institute of CPAs, about SOC II and ISO 27001 may be interesting for you (please see the Excel file “Trust Services Map to ISO 27001” at the end of the page): https://www.aicpa.org/interestareas/frc/assuranceadvisoryservices/soc2additionalsubjectmatter.html

By the way, as you know, you can implement ISO 27001 and ISO 22301 together, and the integration with SOC II would also be very easy.
