UHY’s professionals offer decades of experience and success in IT assurance and consulting, with specialized technology skills and extensive IT controls knowledge. This depth of skills and experience, combined with our approach to risk and compliance, allows us to provide our clients with personalized solutions that address their needs.
The most prevalent strategy for understanding and monitoring controls at a service provider is to request a third-party compliance report based on an appropriate security and technology framework. If your organization stores or processes client information, chances are you have had requests from your customers for a compliance report or security questionnaire. A SOC report is intended to provide customers and stakeholders with assurance regarding the effectiveness of an organization’s system of internal control.
SOC 1® - Evaluates the controls of the service organization that are relevant to the user organization’s internal controls over financial reporting. This report is most applicable to third party organizations that initiate, process, transmit, record, and report transactions.
SOC 2® - This report focuses on your non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, or privacy (trust services criteria). This report is often requested by customers of companies providing technology related services.
SOC 3® - This is a general purpose (unrestricted) report that can be used to provide assurance of effective controls within the system to customers, prospects, or the general public. It provides a high-level overview of an organization’s control environment to external parties who don’t need a detailed understanding of the controls within the system.
Contact One Of Our Professionals Today
Fill out the form to speak with one of our professionals.