2. TrustCommunity
  3. Forums
  4. TrustCloud Q&A
  5. SOC 2 Cyber Insurance
SHARE THIS TOPIC  
Ask a Question
pratik2
Participant
2 months ago 4 Replies
Q:

SOC 2 Cyber Insurance

Is it mandatory to have cyber insurance for SOC2, or I can exclude it

Tagged: 
docs icon TrustCloud Q&A
All Replies

Viewing 0 reply threads

  • Richa Tiwari
    Participant
    2 months ago

    Hi Pratik, the SOC 2 framework doesn’t explicitly require cyber insurance. It requires the organization to invest in risk mitigation and one of the ways to do that is through cyber insurance. You could exclude it for now, but I believe your prospects and customers will require you to have it to ensure business continuity in the event of a cyber attack. Additionally, your auditors might dive into this and will recommend to have an insurance prior to the next audit.

    • pratik2
      Participant
      2 months ago

      Thanks for the reply, in the last sentence you mentioned Auditor will recommend having insurance prior to the next audit. does that mean, prior to the renewal of SOC2.

    • Richa Tiwari
      Participant
      2 months ago

      yes, they will want you to make progressive improvements to your program and will want to see in the next review evidence of cyber insurance.

    • pratik2
      Participant
      2 months ago

      Thank you!

Viewing 0 reply threads

Join the conversation

TrustCommunity

The #1 Community for Security, Privacy, and GRC Professionals.

© 2023 TrustCloud Corporation. All rights reserved.
TrustOps® is a registered trademark of TrustCloud Corporation.

FlightSchool RSS Feed

Resources

Platform

TOPICS

ABOUT US

AICPA
Monitored by TrustCloud

💛 Joyfully Crafted to Elevate GRC Leaders into Trust Champions.