CC9.1SOC 2Risk mitigation - selects and develops risk responses
The entity identifies, selects, and develops risk mitigation activities for business disruptions and vendor or third-party risks.
- Trust Service Criterion
- CC
- Audit period
- type-2
- Points of focus
- Business disruption scenarios are assessed
- Third-party risks are evaluated
- Mitigation plans are approved and tracked