DiSanto, Priest & Co. SOC Reports
At an ever increasing speed, companies are using outside service organizations to perform activities that are core to their business operations. They do so to focus time, energy, and resources on those activities that are central to their long term success. However, with the need to outsource comes an equally important need for more trust and transparency with the outsourced service company’s operations, processes, and results. Customers need assurance that service organizations can perform as advertised, deliver what was promised, and continue to meet established expectations, year in and year out. Management within an organization that has chosen to outsource want their service organizations to provide assurance over a range of general and industry specific concerns:
- Security
- Availability
- Confidentiality
- Processing Integrity
- Privacy
Based on this need, we are committed to helping our clients
At DiSanto, Priest & Company, We Offer:
- Service Organization Control (SOC 1) Report No.1 (formerly SAS No. 70)
- The SOC 1 report examines internal controls at a service organization that impact user entity’s controls over financial reporting. DiSanto, Priest & Co. handles all aspects of SOC 1 compliance, from looking at SOC 1 Type 1 vs. SOC Type 2, to walking you through every step of the SOC 1 audit report.
- Service Organization Control (SOC 2) Report No. 2
- The SOC 2 report examines the internal controls at a service organization with respect to the trust service principles; Security, Availability, Confidentiality, Processing Integrity and Privacy. At DiSanto, Priest & Co., we’ll ensure that SOC 2 compliance is streamlined by detailing all SOC 2 requirements and a comprehensive SOC 2 controls list.
- Service Organization Control (SOC 3) Report No. 3
- The SOC 3 report involves the same procedures as a SOC 2 certification without all of the details which allows the report to be more widely distributed, and most often used as a marketing tool. DiSanto, Priest & Co. will help you through every phase of the process – from discerning between SOC 3 vs. SOC 2 to all aspects of the SOC 3 audit.
DiSanto, Priest & Co. performs the following Third-Party Assurance (Service Organization Control – SOC) reporting services:
- Financial reporting controls
- Data security
- Privacy
- Regulatory compliance
- Service Level Agreements
- State and Federal Information Security laws
A Tailored Approach
At DiSanto, Priest & Co. we understand service organizations and their client base. Together, we work to provide a solution that can save considerable time, money and effort. We start by first determining if your organization needs a SOC report, walking through the components of SOC 1 vs. SOC 2, to the SOC 1 audit checklist, to the total SOC 2 audit cost. After looking at every detail, we provide a solution that most closely aligns with strategic and project goals.
Our tailored approach to providing these specific assurance services make it possible for you to approach both existing and prospective customers with confidence and to convey trust and transparency. If you must address subject matter that does not appear satisfied by any of the Service Organization Control (SOC) reports, a customized attestation report using another AIPCA attestation standard may be the missing piece to the puzzle. DiSanto, Priest & Co. can help you find that missing piece with SOC compliance.
Learn more about how a SOC report will benefit your company by scheduling a free consultation with a member of our team.