System and Organisation Controls (SOC) Services

Help assess and report on the design and operating effectiveness of internal controls.

SOC reporting has become the most widely accepted report on controls at subservice organizations, providing a value proposition that differentiates your organization from your competition.

We provide the following SOC examinations to help organizations assess and report on the design and operating effectiveness of their internal controls:

• SOC Readiness Assessments
• SOC 1, Type 1
• SOC 1, Type 2
• SOC 2, Type 1
• SOC 2, Type 2
• SOC 3

Performing a SOC examination of a third-party service provider can help:

• Deliver service providers' users with information on the internal control environment, including the operating effectiveness of controls affecting the users’ internal controls over financial reporting
• Address a service provider’s users’ need to understand the internal controls at the service provider related to security, availability, processing integrity, confidentiality, and/or privacy
• Aid the service provider’s users’ financial statement auditors to determine reliance on controls in place at the service provider
• Eliminate the need for multiple customers to perform onsite audits
• Satisfy a requirement by many companies that an audit of internal controls be in place at their service provider
• Indicate to potential customers a service provider’s commitment to internal controls and transaction processing integrity
• Identify improvement opportunities in operational areas at the service provider
• Provide an additional marketing opportunity and competitive advantage over other service providers