SOC 2 Basics
The SOC2 standard produces an attestation report that is intended for all other customers who do not rely upon your services for controls over their financial reporting. For the SOC 2 report, you will select one to five of the AICPA’s Trust Services Principles which include Security, Processing Integrity, Confidentiality, Availability and Privacy. Each of the principles specifies a standardized set of criteria that must be met in order to receive a positive audit report. As the criteria provided by the AICPA, there is not as much flexibility available in crafting the controls (compared to the SOC 1) to better fit the way that your organization conducts business. Typically, businesses receive audits and updated reports on an annual basis.
Types of businesses where SOC 2 reports are typically the most appropriate are as follows:
- Data Centers
- Cloud Service Providers
- IaaS Providers
- Outsourced IT Services
- Healthcare IT Platform Providers
Our professionals have years of experience in both preparing companies for and performing SSAE 16 and SOC audits. We are able to walk you through the entire process from start to finish to help achieve results that are representative of how you do business.
We are able to assist through each step of the audit process:
- Conduct a pre-assessment to identify areas that may need improvement prior to your audit
- Assist you with interpreting your customers’ assurance needs and determine what (if any) reports would be appropriate to pursue
- Perform the audit and arrange for the delivery of the final report from a licensed CPA firm
Trust Services Principles
There are five different Trust Services Principles to chose from to have included within your report. The five principles are Security, Availability, Confidentiality, Processing Integrity and Privacy. Click here to find out more about each Principle.
The correct report for your company depends on the needs of your customers. Active consultation with your customers and auditor allows you to select the best option to meet their needs.