Mitigate challenges to build a strong, process oriented systems and controlled organization.
Our Advisory Expertise Tailored for you accelerates Your Digital Transformation
Gain an independent third eye verification on the internals organizational controls governing the integrity, reliability, effectiveness and security of the processing services provided to user organizations.
Innovations in technology and the reliance on third party servicing have increased the need for Service Organization Control (SOC) reports by service organizations. The professionals in our IT Consulting division assist clients in determining the appropriate SOC report for their organization. Our consultants have deep experience in performing SOC engagements, as well as SAS70s, their predecessor.
The following outlines the three SOC reports, which are a result of the new Statement on Standards for Attestation Engagements, SSAE 16 – Reporting on Controls at a Service Organization:
- A SOC 1SM report evaluates the effectiveness of a service organizations controls over a user entity’s financial statement assertions.
- A SOC 2 SM report provides detail over the controls at a service organization as they relate to security, availability, processing integrity, confidentiality or privacy.
- A SOC 3 SM report is a Trust Service examination report, which addresses the same subject areas as a SOC 2 SM report, but in a shortened version. This rapport can be used in a service organization’s promotional efforts and on its website.
- In addition to performing the SOC related services, outlined above, our consultants provide readiness assessments which help a service organization prepare for and plan their SOC report.