Compliance

AICPA SOC Compliance Audit

banner-dashboards

SOC Reports

System and Organization Controls (SOC) reports enable companies to feel confident that service providers, or potential service providers, are operating in an ethical and compliant manner. No one likes to hear the word audit, but SOC reports establish credibility and trustworthiness for a service provider — a competitive advantage that’s worth both the time and monetary investment.

SOC reports utilize independent, third-party auditors to examine various aspects of a company, such as:

  • Security
  • Availability
  • Processing Integrity
  • Confidentiality
  • Privacy
  • Controls related to financial reporting
  • Controls related to Cybersecurity

AICPA | SOC - www.aicpa.org/soc4so

 

SOC 1®– SOC FOR SERVICE ORGANIZATIONS: ICFR


SOC 1® reports are examination engagements performed by a service auditor - prepared in accordance with AT-C section 320, Reporting on an Examination of Controls at a Service Organization Relevant to User Entities’ Internal Control Over Financial Reporting. SOC 1 reports are specifically intended to meet the needs of entities that use service organizations (user entities) and the CPAs that audit the user entities’ financial statements (user auditors), in evaluating the effect of the controls at the service organization on the user entities’ financial statements.

The two types of SOC 1® reports are:

(i) Type 2 - report on the fairness of the presentation of management’s description of the service organization’s system and the suitability of the design and operating effectiveness of the controls to achieve the related control objectives included in the description throughout a specified period.

(ii) Type 1 – report on the fairness of the presentation of management’s description of the service organization’s system and the suitability of the design of the controls to achieve the related control objectives included in the description as of a specified date.

SOCLogoPane
 

SOC 2® - SOC for Service Organizations: 

Trust Services Criteria

SOC 2® reports are examination engagements performed by a service auditor in accordance with SSAE No. 18, Attestation Standards: Clarification and Recodification, which includes AT-C section 105, Concepts Common to All Attestation Engagements, and AT-C section 205, Examination Engagements, AICPA Guide, Reporting on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy(SOC 2®) using predefined criteria in TSP section 100, 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy (AICPA, 2017 Trust Services Criteria). SOC 2® reports can be issued on one or multiple Trust Services categories (security, availability, processing integrity, confidentiality or privacy)

The two types of SOC 2® reports are:

(i) Type 1 – A report on management’s description of the service organization’s system and the suitability of the design of the controls;

(ii) Type 2 – A report on management’s description of the service organization’s system and the suitability of the design and operating effectiveness of the controls.

Use of a SOC 2® report is generally restricted.

shutterstock_633316220-sml

Related services

INTEGRATION SERVICES

The OSS360 platform has been designed to easily integrate with various third party systems and APIs for the purpose of automating tasks receiving and delivering data back and forth.

Find out more

integration-services-busy-office

DOCUMENT DESIGN

We create professional looking custom designed document layouts that are distributed or downloaded documents in the form of statements, invoices, letters, and more.

Find out more

documentation-services-example

PROJECT PLANNING

The key to successful project implementation is precise project planning. Our project managers are among the best at coordinating, communicating, and managing overall projects with key members.

Find out more

project-planning-sml

Connect with us


Learn about how Advantage 360 can help your business drive new growth with our extensive set of features.

Contact us today

Expanded Workflow Rules

In recent months, Advantage 360 has significantly expanded the capabilities of our configurable Workflow Rules. These...

New Provisioning & Mediation Interfaces

In recent months, Advantage 360 has developed a number of new Provisioning and Mediation interfaces to various network...

Hosted or On-Premise Online Charging System (OCS)

For many years A360 was lacking its own Online Charging System. A360 is now part of Lumine Group for which they own and...

New Unified Services System Type

Advantage 360 has taken our experience with various technologies like Cable / IPTV, Landline, Internet, VOIP and have...