AWe help service organizations report on internal controls over the services they provide to their customers. Service Organization Control (SOC) reports provide a consistent framework to report these controls (starting June 15th, 2011, SOC reports replace the SAS 70 report). Using the SOC reporting standards, we can provide a SOC 1 (based on the SSAE 16 standard), SOC 2 , or SOC 3 reports to help satisfy their customers. Additionally, service organizations with international customers can now utilize the new ISAE 3402 standard (International Standards on Assurance Engagements), which was created to closely mirror the SSAE 16 (the AICPA standard).
We can provide the following services:
| a. |
Service Organization Control Reporting Readiness Services
|
| a. |
SOC 1 Reporting: (SSAE16 – internal controls over financial reporting)
|
| a. |
SOC 2 Reporting: (non-financial controls related to security, availability, processing integrity, confidentiality and privacy).
|
| a. |
SOC 3 Reporting: (WebTrust and SysTrust reports)
|
| b. |
ISAE 3402 Reporting
|
|
