Hein SOC MethodologyThe formal reporting process/methodology that Hein follows is broken into the high level processes described below.

  1. Our team schedules two fieldwork visits – first to perform the initial assessments, walkthroughs and effectiveness testing, and again later in the reporting period to perform roll-forward effectiveness testing just prior to the end of the reporting period. The team will meet with key control owners to gain an understanding of your control environment and to request and obtain documentation used to test and assess the design and operating effectiveness of your controls.
  2. During the reporting phase, the engagement team assembles the report and completes final reviews to issue our opinion and report on the design and operating effectiveness of your control environment.

Why Hein?

  • Service organization reporting standards expertise
  • Efficient, effective and practical solutions for all size companies
  • Responsiveness and communication
  • Strong mutual relationships
  • Service auditor quality of service
  • Certified Privacy professionals
  • Practical templates and tools so clients can quickly prepare for SOC audits
  • Broad client base across most industries to leverage experience
  • Strong cloud services IT and security experience


Please contact consulting@heincpa.com for more information or call 877-554-7735.