Upcoming Changes to the SOC 2 Reporting Framework
Is your organization prepared for the upcoming changes to the SOC 2 reporting framework? All SOC 2 reports issued with a reporting period ending after December 15, 2018, must comply with the new Trust Services Criteria (also known as TSP 100) issued by the Assurance Services Executive Committee of the American Institute of Certified Public Accountants. SOC 2 reports evaluate the effectiveness of controls over the security, availability, processing integrity, confidentiality, and privacy of information processed by systems at an entity, division, or operating unit level. Revisions to the trust services criteria include an alignment of criterion with the Committee. Read More.
Guidance Proposed on Environmental, Social and Governance Risks
The Committee of Sponsoring Organizations of the Treadway Commission (“COSO”) and the World Business Council for Sustainable Development are proposing new guidance to help companies respond to environmental, social and governance-related risks. In the draft guidance, Applying Enterprise Risk Management to Environmental, Social and Governance-Related Risks, the organizations discuss the changing global risk landscape, principles of the COSO Enterprise Risk Management Framework, and ways companies can address environmental, social and governance-related risk challenges. The draft guidance also offers examples of risk events and potential costs of failing to manage them. A press release on the draft guidance is available on the COSO website.
Paul Sobel Named COSO Chairman
The Committee of Sponsoring Organizations of the Treadway Commission (“COSO”) has appointed Paul Sobel as the organization’s new chairman. Knowledgeable on matters such as governance, enterprise risk management, and internal control, Sobel was selected due to his distinguished background in corporate spaces and professional services. He will serve a three-year term effective February 2018. Currently the vice president and chief audit executive at Georgia-Pacific, Sobel manages the company’s internal audit function and provides oversight and guidance regarding risk management and compliance programs. Sobel was on the Advisory Council for the recently updated COSO Enterprise Risk Management Framework. His background also. Read More.