infographic
Healthcare: What to Look For in a Vendor's SOC 2
CPE Credit Eligible
Some healthcare organizations will accept an independent audit report in lieu of a vendor completing an assessment questionnaire. The most commonly accepted type of audit report for assessing a vendor's security posture is a System and Organization Controls (SOC) 2 Type II report.
Knowing what to look for in a SOC 2 Type II audit report will help your risk assessment team gain insight into a vendor's security program and help you identify any exceptions that require your follow up. This infographic covers the key elements to review.
Download the infographic to learn:
- 5 key elements of a vendor SOC 2 Type II report to review
- What Trust Services Criteria must be covered
- What to look for in an auditor's opinion
- How to evaluate the vendor's response
![infographic-landing-healthcare-what-to-look-for-in-a-vendors-soc-2](https://www.venminder.com/hs-fs/hubfs/Landing_Page_Graphics/Infographics/infographic-landing-healthcare-what-to-look-for-in-a-vendors-soc-2.jpg?width=500&height=266&name=infographic-landing-healthcare-what-to-look-for-in-a-vendors-soc-2.jpg)