Newly enhanced web-based audit tool adds SSAE18 framework to help organizations obtain a SOC 2 certification at no cost
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced that its Compliance Audit Readiness Assessment (CARA) tool has been enhanced to include the Statement on Standards for Attestation Engagement no. 18 Trust Services Criteria (SSAE18) framework, which helps organizations obtain a System and Organization Controls 2 (SOC 2) certification. CARA is available now on KnowBe4’s website at no cost.
The Compliance Audit Readiness Assessment (CARA) tool can help security professionals take the first step towards assessing their organization’s compliance audit readiness for meeting the requirements for the Cybersecurity Maturity Model Certification (CMMC) and SSAE18 frameworks. KnowBe4 offers a SaaS-based platform, KnowBe4 Compliance Manager Governance, Risk and Compliance (KCM GRC), that helps to streamline compliance audit requirements. CARA leverages a subset of pre-built templates available within KCM GRC that offers in-platform control guidance suggestions to help security professionals create these types of controls. KCM GRC helps you create and manage appropriate controls to quickly implement your compliance requirements for the CMMC and SSAE18, as well as a variety of the most commonly used frameworks.
“KnowBe4’s CARA tool, which is complimentary and web-based, helps to gauge an organization’s readiness in meeting compliance requirements for the SSAE18 framework, a new and revamped component of CARA,” said Stu Sjouwerman, CEO, KnowBe4. “CARA asks for a rating of readiness for each requirement and then provides an analysis of the results with guidance to help security professionals create and implement controls to help get their organization ready for a SOC 2 compliance audit. SOC 2 audits are important because they provide assurance of the organization’s ability to secure financial data relating to their customers and this time-saving tool helps to better prepare organizations for obtaining the SOC 2 certification.”
The SSAE18 framework was created by the American Institute of Certified Public Accountants (AICPA) for service organizations. The SSAE18 framework is a standard that can be used to assess the quality of financial reporting and system security that an organization provides, including the accuracy, completeness and fairness of these processes. Often, organizations use this framework to obtain a SOC 2 certification.
For more information on the KnowBe4 CARA tool, visit https://www.knowbe4.com/compliance-audit-readiness-assessment.
About KnowBe4
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 47,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4's Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as the last line of defense.
