|
|
|
|
|
|
by mrclark411
1687 days ago
|
|
|
We got a SOC2... and still get questionnaires. It's the worst. Companies are just outsourcing their security reviews to the vendor. Rather than rely on a 3rd party audited document companies want their custom questions answered. BUT - they aren't custom questions - it's the same questions for every vendor and they are very often poorly worded. Then when we turn them in - there's no follow up questions which to me implies that no one is reading them. Security theater... |
|
|