HomeNews & Views

All news by: Kevin Lau

Importance of SOC Reporting in the Post Pandemic Era

Prior to the pandemic that affects the world since earlier last year, many sectors were already redesigning their operating models to enhance efficiency and effectiveness in the digital era. These efforts are now even more relevant than ever as companies require leaner, more adaptive digital enterprises that can change and respond quickly. We see that transitioning certain functions to cost effective shared service centre or outside the enterprise entirely via managed service or outsourcing relationships with third parties are high on the list of many enterprises planned actions in the Post Pandemic Era.
Many organisations are able to function more efficiently and effectively by outsourcing tasks or entire functions to another service organisation. These outsourcing relationships may increase revenues, expand market opportunities, and reduce costs for the user entities and business partners, they also result in additional risks arising from interactions with a service organisation and its systems. In supporting their risk assessments on service organisations, user entities and business partners may request independent reports on an examination or review of controls from the service organisation. This is where assurance standards for reporting on service organisation controls such as SOC Reporting and ISAE 3402 were developed.

Cybersecurity preparedness in time of COVID-19

The unprecedented COVID-19 crisis has posed a huge change in many aspects, for instance, remote working has become a trend to reduce the spread of virus. This has provided insights for company’s management and board on cybersecurity preparedness. Regardless of company size, IT expenditure is unavoidable in order to maintain operations during the crisis. The related cybersecurity investment due to regulatory and compliance measures have since increased.  Most companies are caught off guard by the coronavirus. On one hand company’s computing resources are limited to support remote working, at the same time employees in general have not subscribed adequate firewall protection and antivirus packages to work remotely on their personal computers. With remote working becoming the new norm for companies worldwide amid the COVID-19 crisis, cybersecurity is even more crucial than before to support thousands of workers working from home accessing their companies’ networks.