THIRD PARTY ASSURANCE (SOC & CYBER SECURITY)

DiSanto, Priest & Co. SOC Reports

At an ever increasing speed, companies are using outside service organizations to perform activities that are core to their business operations.  They do so to focus time, energy, and resources on those activities that are central to their long term success.  However, with the need to outsource comes an equally important need for more trust and transparency with the outsourced service company’s operations, processes, and results.  Customers need assurance that service organizations can perform as advertised, deliver what was promised, and continue to meet established expectations, year in and year out.  Management within an organization that has chosen to outsource want their service organizations to provide assurance over a range of general and industry specific concerns:

  • Security
  • Availability
  • Confidentiality
  • Processing Integrity
  • Privacy

Based on this need, we are committed to helping our clients

At DiSanto, Priest & Company, We Offer:

  • Service Organization Control (SOC 1) Report No.1 (formerly SAS No. 70)
    • The SOC 1 report examines internal controls at a service organization that impact user entity’s controls over financial reporting. DiSanto, Priest & Co. handles all aspects of SOC 1 compliance, from looking at SOC 1 Type 1 vs. SOC Type 2, to walking you through every step of the SOC 1 audit report.
  • Service Organization Control (SOC 2) Report No. 2
    • The SOC 2 report examines the internal controls at a service organization with respect to the trust service principles; Security, Availability, Confidentiality, Processing Integrity and Privacy. At DiSanto, Priest & Co., we’ll ensure that SOC 2 compliance is streamlined by detailing all SOC 2 requirements and a comprehensive SOC 2 controls list.
  • Service Organization Control (SOC 3) Report No. 3
    • The SOC 3 report involves the same procedures as a SOC 2 certification without all of the details which allows the report to be more widely distributed, and most often used as a marketing tool. DiSanto, Priest & Co. will help you through every phase of the process – from discerning between SOC 3 vs. SOC 2 to all aspects of the SOC 3 audit.

DiSanto, Priest & Co. performs the following Third-Party Assurance (Service Organization Control – SOC) reporting services:

  • Financial reporting controls
  • Data security
  • Privacy
  • Regulatory compliance
  • Service Level Agreements
  • State and Federal Information Security laws

A Tailored Approach

At DiSanto, Priest & Co. we understand service organizations and their client base. Together, we work to provide a solution that can save considerable time, money and effort.  We start by first determining if your organization needs a SOC report, walking through the components of SOC 1 vs. SOC 2, to the SOC 1 audit checklist, to the total SOC 2 audit cost. After looking at every detail, we provide a solution that most closely aligns with strategic and project goals.

Our tailored approach to providing these specific assurance services make it possible for you to approach both existing and prospective customers with confidence and to convey trust and transparency.  If you must address subject matter that does not appear satisfied by any of the Service Organization Control (SOC) reports, a customized attestation report using another AIPCA attestation standard may be the missing piece to the puzzle.  DiSanto, Priest & Co. can help you find that missing piece with SOC compliance.

Learn more about how a SOC report will benefit your company below, or contact us for a free consultation.

Related White Papers
AN INFORMATION TECHNOLOGY DISASTER RECOVERY PLAN – WHY YOUR SERVICE ORGANIZATION NEEDS ONE
Explore the importance of developing a recovery plan so that organizations are prepared in the event of a cyber emergency.
IS YOUR BUSINESS THOROUGHLY EVALUATING AND MONITORING ITS VENDORS AND SUBSERVICE ORGANIZATIONS?
Discover the importance of performing due diligence on outside organizations you partner with in order to protect your business from data and security breaches.
BUSINESS VALUATION: A PRIMER FOR BUSINESS OWNERS
Learn why it's critical to understand the value of your business and about the four different valuation models for accessing what your business is worth.
KEEPING CUSTOMER DATA SECURE
Do you have a data security plan for your organization? Understand data security recuirements and how to protect your business.
COST SEGREGATION: A VALUABLE STRATEGY FOR COMMERCIAL PROPERTY OWNERS
Learn what a cost segregation analysis does for commercial property owners and the impact it can have on your business.
THE INGREDIENTS IN A SOC REPORT & THE NUTRITIONAL VALUE OF YOUR SERVICE ORGANIZATION
Learn how to build an SOC report and the important details that play a role in creating it for your unique organization.
THE SIGNIFICANCE OF A SOC REPORT: ILLUMINATING THE CONTROLS OF YOUR SERVICE ORGANIZATION
Understand how your business operates when working with outside vendors, and why utilizing SOC reports can protect your business.
HOW TO FIND YOUR MATCHING “SOC” IN A BASKET OF WRINKLED GUIDANCE
Understand the variety and value of SOC reports and which one should be utilized for your organization.
CLARIFYING THE DIFFERENT FORMS OF SOC REPORTING
SOC 1, SOC 2, and SOC 3 reports are not the same; each serves a different purpose. This whitepaper walks you through the differences and how each can be utilized for your organization.
TAX REFORM AND R&D CREDITS
Review three expert opinions in their respective fields as they walk through the Tax Cuts and Jobs Act (TCJA), international tax opportunities, and R&D tax credits of 2017/2018.
error: