Skip to main content Skip to search

856-320-4662

Email Us

 

SOC 1 Audits

Businessman presses button internal control on virtual screens. Business, technology, internet and networking concept.

Reports on Controls at a Service Organization Relevant to User Entities’ Internal Control Over Financial Reporting:

  • SOC 1® reports are examination engagements performed by a service auditor (CPA) in accordance with Statement on Standards for Attestation Engagements (SSAE) , Reporting on Controls at a Service Organization, to report on controls at a service organization that are likely to be relevant to an audit of a user entity’s financial statements.
  • Use of a SOC 1® report is restricted to existing user entities (not potential customers) and their auditors.

SOC 2 Audits

Cyber Security Data Protection Business Technology Privacy concept.

Reports on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality and Privacy:

  • SOC 2® reports are examination engagements performed by a service auditor (CPA) in accordance with AT Section 101, Attest Engagements, of SSAEs (AICPA, Professional Standards) using the predefined criteria in TSP Section 100, Trust Services Principles, Criteria, and Illustrations for Security, Availability, Processing Integrity, Confidentiality, and Privacy (AICPA, Technical Questions & Answers).
  • SOC 2® reports specifically address one or more of the following five key system attributes:
    • Security, Availability, Processing Integrity, Confidentiality, and Privacy.

SOC 3 Audits

Businessman pressing an Trust concept button on a circular display.

Trust Services Report for Service Organizations:

  • SOC 3® reports are examination engagements performed by a practitioner (CPA) in accordance with AT Section 101, Attest Engagements, of SSAEs (AICPA, Professional Standards) using the predefined criteria in TSP Section 100, Trust Services Principles, Criteria, and Illustrations for Security, Availability, Processing Integrity, Confidentiality, and Privacy (AICPA, Technical Questions & Answers).
  • A SOC 3® report is a general-use report that provides only the auditor’s report on whether the system achieved the trust services criteria. There is no description of tests and results or opinion on the description of the system provided.
  • SOC 3® reports can be issued on one or more of the Trust Services principles (security, availability, processing integrity, confidentiality and privacy).

Industries That We Provide SOC Audits To

  • Collection Agencies
  • Collection Service Firms
  • Mortgage Lenders
  • Residential Loan Origination
  • Mortgage Loan Services
  • Cloud Hosting Services
  • IT Security Firms