In this episode, Jennifer Kosar joins Kevin O'Connell to discuss the drivers and benefits of SOC 2 reporting, and steps to take when preparing for a SOC 2 report.
We discuss the following questions:
0:44 - What is a SOC 2 report?
2:17 - Who are the typical stakeholders and interested parties of SOC 2 reports?
3:33 - Why might an organization need to produce a SOC 2 report?
5:29 - How can an organization start the process of creating a SOC 2 report?
7:11 - How can an organization prepare to be ready when the auditors come in?
8:31 - What are some key takeaways to consider when considering producing a SOC 2 report?
Kevin O'Connell serves as PwC’s Trust and Transparency Solutions and ESG Solutions leader. A leading specialist in SOC 1, 2 and 3, and other third party assurance and internal controls reporting, he has over 25 years of experience providing services to our largest financial services clients designed to identify, assess, and manage complex risk and control issues across the enterprise – whether they are strategic, financial, systems, or operational in nature. As PwC's ESG Solutions leader, Kevin leads a team of professionals focused on helping organizations implement strategies to improve their ESG reporting and communicate progress to investors and other stakeholders.
Jennifer Kosar is a partner in PwC’s Assurance Practice, with 20 years of experience assisting clients across all financial services sectors with a broad range of risk and compliance issues. She specializes in governance, risk, compliance, and internal control related services including internal controls design, assessment and optimization, third party controls assessment and reporting, and Sarbanes Oxley - 404 assessments as part of both management compliance services and external audits. Jennifer is a graduate of the Pennsylvania State University, and is a Certified Regulatory and Compliance Manager, a Certified Information Systems Auditor, and a licensed Certified Public Accountant in the states of New York and New Jersey