CC3.2SOC 2Risk assessment - identifies and analyzes risks
The entity identifies risks to the achievement of objectives and analyzes those risks as a basis for response.
- Trust Service Criterion
- CC
- Audit period
- type-2
- Points of focus
- Threats and vulnerabilities are identified
- Risk likelihood and impact are assessed
- Risk responses are selected and tracked