SYSTEMS AND ORGANIZATION CONTROLS (SOC) AUDITS
We work with service providers across many industries to provide third-party attestation and Systems and Organization Controls (SOC) reporting.
We work with service providers across many industries to provide third-party attestation and Systems and Organization Controls (SOC) reporting.
SOC audits and resulting reports verify that a company’s or organization’s internal controls and IT environment are robust and employ best practices to protect data. These reports provide transparency and address the reliability of outsourced service providers and their processes. Companies and organizations find that having a SOC report can be a sales and marketing advantage, as it provides assurance to potential clients, current clients, business partners, and other third parties.
SOC reports give companies and organizations an efficient, single resource for sharing information with various parties. The alternative is to answer questions about internal controls, the IT environment, etc. with each party whenever they inquire. Obviously, this can become cumbersome and inefficient over time.
Finally, SOC audits must be performed by a CPA firm, and are generally done every year. Reports are good for one year from the date of the report. After a company has its report, it can also use a special “Service Organization Controls Report” logo provided by the AICPA on its materials.
For more information about SOC reports, we recommend visiting the AICPA’s website on SOC.
Our SOC audit practice is a part of our Audit and Assurance Services group. We provide: