Service Organization Controls (SOC) reports are designed to help service organizations, organizations that operate information systems and provide information system services to other entities, build trust and confidence in their service delivery processes and controls through a report by an independent Certified Public Accountant.
Our SOC Services Team is committed to providing our clients with the following:
- A team approach to client service, utilizing all of the resources of our firm.
- A flexible, practical cost-effective approach to the delivery of a SOC product.
- The technical expertise you value and the personal service you deserve.
- Accessibility to engagement partners and professional staff.
- A detailed proposal and project plan to ensure that you receive the appropriate solution for your business.
- Affiliates in most major North American cities through our membership with the Leading Edge Alliance.
Contact one of Marcum's regional representatives.
Service Organization Control (SOC) Reports
SOC reports adhere to a widely recognized auditing standard developed by the American Institute of Certified Public Accountants (AICPA) to provide a mechanism by which service organizations can demonstrate the establishment of effectively designed control objectives and control activities to their customers, via an in-depth audit of the processes that are related to the services rendered to their customers.
There are three (3) key reasons that service providers engage an auditor to prepare a SOC report:
- Replaces the need of customer organizations to perform their own audits of services rendered by the service organization thereby minimizing disruption of operations.
- Provides the service organization an independent operational assessment identifying opportunities for improvement regarding services rendered.
- Serves as a marketing tool by which service organizations can provide potential clients the SOC report as a validation regarding services offered.
|Marcum team orientation||Review relevant systems||Finalize testing procedures plan||Review final draft of report|
|Develop project management plan||Review relevant processes||Discuss testing procedures with management||Resolve any reporting issues with management|
|Finalize critical deadlines||Identify relevant control objectives||Perform control walkthrough and testing procedures||Review drafts with Management|
|Develop preliminary lists of documents to be prepared by client||Identify key controls||Document testing||Issue Report Adobe PDF format Bound hard copy|
|Conduct planning meeting with the Company's Management||Perform risk assessment||Draft summary of findings||Debrief with management including control findings and recommendations|
|Finalize evaluation of internal controls||Review draft report|
|Identify potential internal control issues/concerns||Wrap-up fieldwork|
|Report findings to the Company's Management|