SOC 1, 2, 3 & Cybersecurity
Earn a competitive advantage and client trust through third-party validation.
Validating controls and providing peace of mind.
Companies are under increased pressure to demonstrate that they have effective processes and controls in place. System and Organization Control (SOC) engagements (formerly known as SAS 70 or SSAE 16 reviews) have become the gold standard for examining, assessing and reporting on financial, data and cybersecurity controls.
Our SOC experts work alongside you to ensure that your control activities meet industry best practices and satisfy the scrutiny of your clients and their auditors.
We also offer a readiness review to help ensure your controls will be effective and in place during the SOC reporting period. We’ll analyze any weaknesses of current controls, and provide recommendations for you to correct these weaknesses prior to starting an actual SOC engagement.
|Who uses the audit info||Why||What the audit reports on|
|SOC 1||Users’ controller’s office and users’ auditors||Audits of financial statements||Internal controls over financial statements|
|SOC 2||Internal management, regulators||
||Security, availability, processing integrity and privacy controls|
|SOC 3||General public||
||General customer assurance, marketing|
|SOC for Cybersecurity||Senior management, board of directors, analysts, investors, business partners||To provide intended users with information about an entity’s cybersecurity risk management program for making informed decisions||Enterprise-wide cybersecurity risk management program|
Ready to start a conversation?