SOC2 is a deal breaker. It is already a pain to work for large American companies. You are forced to not be honest in the audits. The audits are complete bs by the way. Some external offshored company that wants screenshots of some specifics that they somehow found important. It is more Kafka than actual value. Miss those days, not…
It is better how it works in the EU. Track money and stock activity + GDPR. SOC does not prevent Enrons. I mean, even if there was a complete ledger of everything ever done in a company you could still not prevent Enrons. The fraud part should have been detected anyway. And would have in the EU, I would say.
Edit: D'oh! I mixed it up with SOX that is mandatory.
When an audit imposes a dumb requirement that nobody will benefit from, and it's easier to change jobs than to do the dumb thing, you have the theoretical option to be honest and do it.
But if it's easier to change jobs than to be honest - is the option to be honest one that will be taken by any rational person?
Actually, the easiest thing is to find a better auditor. A SOC audit isn't like an IRS audit; you actually pay them to come in and audit. Not all are created equal and sometimes you get what you pay for.