Service Organization Control (SOC) Reports
Deeply Experienced in the Guidelines and Standards
Service Organization Control (SOC) Reports apply to organizations that handle sensitive client data related to using outsourced business processing and information technology. We specialize in reporting on controls, providing SOC reports, and giving advice by selecting the most relevant SOC report or SSAE 16 Audit for you.
A SOC 1, or SSAE 16 Report (formerly SAS 70), focuses on controls that are likely to be relevant to an audit of your clients’ financial statements. Hein is here to help you understand SOC 1 reports and what actions are required to comply with your client’s requests.
A SOC 2 report provides an independent examination of the controls you have in place to keep your client’s information safe. Like a SOC 1 report, it requires a written assertion by your company’s management regarding control objectives, system description, and effectiveness of your controls.
Given the restricted size of the audience for an organization’s SOC 2 report and the level of detail involved, many organizations choose to issue a SOC 3 report in order to share some less detailed information about their operational controls with a broader group of stakeholders.
SOC Readiness Services
- Service organization reporting standards expertise
- Efficient, effective and practical solutions for all size companies
- Responsiveness and communication
- Strong mutual relationships
- Service auditor quality of service
- Certified Privacy professionals
- Practical templates and tools so clients can quickly prepare for SOC audits
- Broad client base across most industries to leverage experience
- Strong cloud services IT and security experience