From the course: Advanced SOC 2 Auditing: Proven Strategies for Auditing the Security, Availability and Confidentiality TSCs
Join today to access over 25,300 courses taught by industry experts.
Exploring CC1.4 - COSO Principle 4: Fostering a commitment to competent talent acquisition, development, and retention in alignment with objectives
From the course: Advanced SOC 2 Auditing: Proven Strategies for Auditing the Security, Availability and Confidentiality TSCs
Exploring CC1.4 - COSO Principle 4: Fostering a commitment to competent talent acquisition, development, and retention in alignment with objectives
- [Instructor] Welcome to our analysis of CC1.4. In this section, we'll explore the organization's dedication to bringing in, cultivating and retaining skilled individuals, ensuring they align with the organization's objectives. Our exploration of CC1.4 focuses on the strategic approach of the organization. It covers how policies and practices are set to ensure competence, the assessment of these policies, the training provided to individuals and plans in place for succession. The controls for CC1.4 revolve around orientation training for new hires to understand the roles within the company. Security awareness training, mandatory training upon hiring and annual renewals to keep employees abreast of security responsibilities. Phishing campaigns, regular simulated phishing tests with remedial training for those who fail and security bulletins, subscriptions to news bulletins to stay informed about emerging security threats, including vendor communication about vulnerabilities and…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
(Locked)
Exploring CC1.1 - COSO Principle 1: Upholding integrity and ethical values2m 52s
-
(Locked)
Exploring CC1.2 - COSO Principle 2: Ensuring board independence and oversight of internal control3m 40s
-
(Locked)
Exploring CC1.3 - COSO Principle 3: Establishing effective structures and reporting lines for objective pursuit2m 37s
-
(Locked)
Exploring CC1.4 - COSO Principle 4: Fostering a commitment to competent talent acquisition, development, and retention in alignment with objectives2m 26s
-
(Locked)
Exploring CC1.5 - COSO Principle 5: Ensuring accountability for internal control responsibilities in objective pursuit2m 48s
-
(Locked)
Exploring CC2.1 - COSO Principle 13: Leveraging relevant, quality information to enhance internal control functionality2m 49s
-
(Locked)
Exploring CC2.2 - COSO Principle 14: Enhancing internal control through effective internal communication of objectives and responsibilities2m 35s
-
(Locked)
Exploring CC2.3 - COSO Principle 15: Facilitating external communication for effective functioning of internal control3m 6s
-
(Locked)
Exploring CC3.1 - COSO Principle 6: Defining clear objectives to facilitate risk identification and assessment2m 54s
-
(Locked)
Exploring CC3.2 - COSO Principle 7: Identifying and analyzing risks for effective objective achievement and risk management3m 24s
-
(Locked)
Exploring CC3.3 - COSO Principle 8: Addressing fraud potential in risk assessment for objective achievement2m 23s
-
(Locked)
Exploring CC3.4 - COSO Principle 9: Evaluating changes that significantly impact the internal control system2m 43s
-
(Locked)
Exploring CC4.1 - COSO Principle 16: Evaluating component presence and functionality for effective internal control2m 7s
-
(Locked)
Exploring CC4.2 - COSO Principle 17: Timely evaluation and communication of internal control deficiencies for effective corrective action2m 30s
-
(Locked)
Exploring CC5.1 - COSO Principle 10: Selecting and developing control activities to mitigate risks to achieve acceptable levels2m 56s
-
(Locked)
Exploring CC5.2 - COSO Principle 11: Selecting and developing technology control activities for objective support2m 20s
-
(Locked)
Exploring CC5.3 - COSO Principle 12: Deploying control activities through policies and procedures for effective implementation2m 27s
-
Exploring CC6.1 - Implementing logical access security for protected information assets to meet objectives3m 9s
-
(Locked)
Exploring CC6.2 - Granting user access: Registering, authorizing, and administering system credentials2m 22s
-
(Locked)
Exploring CC6.3 - Removing user access: Role-based authorization, segregation of duties, and access modification2m 14s
-
(Locked)
Exploring CC6.4 - Securing physical access: Restricting facilities and protected information assets to authorized personnel2m 37s
-
(Locked)
Exploring CC6.5 - Safeguarding physical assets: Discontinuing protections in alignment with objectives2m 22s
-
(Locked)
Exploring CC6.6 - Strengthening logical access security: Safeguarding against external threats2m 36s
-
(Locked)
Exploring CC6.7 - Safeguarding information: Restricting transmission, movement, and removal to achieve objectives2m 41s
-
(Locked)
Exploring CC6.8 - Preventing and detecting unauthorized or malicious software: Controls for objective alignment2m 58s
-
(Locked)
Exploring CC7.1 - Detecting and monitoring procedures: Identifying configuration changes and vulnerabilities for objective alignment2m 23s
-
(Locked)
Exploring CC7.2 - Monitoring system components: Detecting anomalies and analyzing security events for objective fulfillment2m 37s
-
(Locked)
Exploring CC7.3 - Evaluating security events: Preventing and addressing failures to achieve objectives2m 25s
-
(Locked)
Exploring CC7.4 - Responding to security incidents: Executing an effective incident response program2m 38s
-
(Locked)
Exploring CC7.5 - Recovering from security incidents: Identifying, developing, and implementing effective recovery activities2m 44s
-
Exploring CC8.1 - Change management for objective alignment: Authorizing, designing, and implementing changes2m 18s
-
(Locked)
Exploring CC9.1 - Mitigating business disruption risks: Identifying, selecting, and developing risk mitigation activities2m 33s
-
(Locked)
Exploring CC9.2 - Managing vendor and business partner risks: Assessing and mitigating risks effectively2m 53s
-
(Locked)
-
-
-
-