SOC Readiness and Compliance

SOC 1 and SOC 2 reports deliver a recognized level of assurance regarding a service organization’s internal controls, establishing or enhancing credibility in the eyes of customers and their auditors. Particularly for entities new to SOC reporting, preparation is critical. We have a process in place that will help guide you through a readiness or “gap” assessment to identify areas where controls are missing or need improvement. Specifically, we collaborate with your team to identify and resolve issues in key areas such as organization and management, communications, risk management, monitoring of controls, systems operations and more. Once you’re ready, or in the case of entities accustomed to having SOC examinations performed, we conduct the engagement and issue a comprehensive, reliable report you can take to market. Throughout the entire process, our goal is to help you improve the operational excellence of your business and build trust with your external audiences.

Our highly credentialed team is comprised of a compelling mix of accounting and technology experts. We have 40-plus years of auditing experience, deep knowledge of internal control concepts and practices, and undergo continual SOC training through the American Institute of CPAs and various state CPA societies. Adding to our expertise is a long list of IT specializations, including Microsoft Certified Professionals and CompTIA Security + Certified Professionals, for example. We also offer specialized knowledge in practices and procedures surrounding cryptography/cryptocurrencies, cloud-based environments, physical and logical security, and program change controls. Specifically for organizations in the digital space, our Investment Industry Services practice provides additional expertise through its work with more than 100 cryptocurrency funds and other organizations in the digital asset realm, such as custodians, fund administrators and blockchain data providers.

We have conducted readiness assessments, and SOC 1 and SOC 2 engagements for service organizations that include:

  • IT Managed Services
  • IT Colocation Centers
  • Health Care Claims Management & Processing
  • Product Benefit Administration
  • Third Party Administration for Pension Plans, Mutual Funds & Hedge Funds
  • Digital Asset Custodians
  • Blockchain Data Systems
  • Platform as a Service (PaaS) Providers