At this year’s HITRUST conference, the SOC 2 and HITRUST CSF session was well-attended by many interested in learning more about the benefits of SOC 2 and HITRUST. As the attendance of this session grows each year, the audience is increasingly more confident in its questions, observations, and use of the combined assessment. The allure of this joint assessment is the seamless audit experience that allows reuse of the test materials for multiple goals and reporting options. Mantras like “assess once, report many” are real, and extremely relevant. Those who have mastered the process spoke to participants, giving them insight into the key success factors.
Drew Hendrickson, LBMC Information Security Shareholder, informed the audience that “Choosing the right partner with experience is key. The primary success factor is working with your audit partner to make sure that your goals are clearly identified, timing is defined, and all reporting options are known upfront.”