
 Logical and Physical Access Controls

SOC 2 Discontinuing Logical and Physical Protections (CC6.5)

Overview: The entity discontinues logical and physical protections over physical assets only after the ability to read or recover data and software from those assets has been diminished and is no longer required to meet the entity’s objectives....

SOC 2 Managing Access to Information Assets (CC6.3)

Overview: The entity authorizes, modifies, or removes access to data, software, functions, and other protected information assets based on roles, responsibilities, or the system design and changes, giving consideration to the concepts of least...

SOC 2 Preventing and Detecting Malicious Software (CC6.8)

Overview: The entity implements controls to prevent or detect and act upon the introduction of unauthorized or malicious software to meet the entity’s objectives. Action Items: 1) Create an anti-virus policy and related procedures and publish on...

SOC 2 Protecting Against External Threats (CC6.6)

Overview: The entity implements logical access security measures to protect against threats from sources outside its system boundaries. Action Items: 1) Create a network security policy and procedures that address authorized network traffic, protocols,...

SOC 2 Protecting Information Assets (CC6.1)

Overview: The entity implements logical access security software, infrastructure, and architectures over protected information assets to protect them from security events to meet the entity's objectives. Action Items: 1) Create an access control...

SOC 2 Restricting Physical Access (CC6.4)

Overview: The entity restricts physical access to facilities and protected information assets (for example, data center facilities, back-up media storage, and other sensitive locations) to authorized personnel to meet the entity’s objectives....

SOC 2 User Registration and Authorization (CC6.2)

Overview: Prior to issuing system credentials and granting system access, the entity registers and authorizes new internal and external users whose access is administered by the entity. For those users whose access is administered by the entity, user...