CC3.4SOC 2Risk assessment - significant change
The entity identifies and assesses changes that could significantly affect internal control.
- Trust Service Criterion
- CC
- Audit period
- type-2
- Points of focus
- Product, infrastructure, and personnel changes are evaluated
- Third-party and regulatory changes are monitored
- Control impacts are assessed before rollout