July 5, 2018

Service Organization Controls (SOC)

SOC audit service organization control

If you’re a service provider that processes customer data or provides hosting or other services, an independent third-party examination report is more than a requirement of doing business; it’s a vital opportunity to:

Streamline business processes

Strengthen operational controls

Build trust and mitigate risk

Comply with regulatory requirements

Developed by the American Institute of Certified Public Accountants (AICPA), Service Organization Control (SOC) reports are designed to help service organizations build trust and confidence in the services being provided, and the controls related to those services. A SOC report shows your customers that you have managed their data securely and with integrity.

Only independent Certified Public Accountants can issue SOC reports. Each type of SOC report is designed to help service organizations meet specific user needs:

SOC 1 REPORT

SOC 1 reports are specifically focused on internal controls over financial reporting. A SOC 1 is an examination of the internal controls (policies, procedures, and technologies) which a service provider has implemented to protect client data.

SOC 2 REPORT

SOC 2 reports are for companies that store or process data, more focused on a company’s non-financial reporting controls. SOC 2 defines criteria for managing customer data based on five “trust service categories”—security, availability, processing integrity, confidentiality and privacy. These reports are intended for use by stakeholders and regulators that need an in-depth understanding of the organization and its internal controls structure.

AICPASOC
SOC 3 REPORT

These reports are designed for users who need reassurance on controls at the service organization but do not require the depth of information provided in a SOC2 report.

Wondering if your business should have a SOC report? Contact us for a consultation to review your unique situation with no obligation.

MEET

THE

SOC TEAM

Jan Schweitzer, CPA, Shareholder
Pat Sassano, Director of Client Services
Chris Silvonen, Cyber Security Engineer
Linsay Carlson, CPA
Will Parnell
Jessica Van Voast, CPA, Shareholder
Jessica Van Voast, CPA, Shareholder