AuditOne LLP’s sole focus is to perform SOC reviews and related consulting assessments, and to issue SOC 1, SOC 2, or SOC 3 reports. Our clients benefit from an informed consultation designed to determine the best and most cost-effective strategy to follow in order to meet their goals.
We have focused our considerable industry expertise on creating simple, elegant methodologies that are both quick to perform and easy on the budget. Our staff of highly skilled, audit and technology experts will conduct the appropriate examinations that are customized-to-your-organization and issue the specified report(s) without disruption to your normal productivity. Our success is measured by your success.
Why You Need a SOC Report
Financial institutions, health care providers, and other corporations (user entities) are required to perform due diligence and ongoing monitoring of the safety, integrity and related controls over their data when it is being handled by a third party. SOC reports provide the user entities information on the service provider’s systems and related controls. If you are an organization providing outsourced services to a company, your customer may be required to obtain a SOC report from you.
AuditOne’s SOC Service Offerings:
· Annual SOC Risk Assessments
· Annual Network Vulnerability and Penetration Tests
· Annual SOC 1 or SOC 2 Report
· Annual SOC 3 Report
Annual SOC Risk Assessment
Companies completing a SOC 1, SOC 2 or SOC 3 report must satisfy the AICPA “Identification of Risks” concept. Our risk assessment process normally begins with a cloud-based secure exchange of documents for our review offsite and ends with a week or less on-site to complete.
Annual Network Vulnerability and Penetration Testing
Annual network vulnerability assessment helps you protect your critical IT infrastructure by identifying and validating known security vulnerabilities for both public-facing and internal resources. Penetration testing is about a week-long project, which typically includes both offsite and on-site interaction.
Annual SOC 1 or 2 Report
A SOC Report (Service Organization Controls Report) is a report on Controls at a Service Organization. A SOC audit may include offsite consulting as needed to prepare for first time SOC clients. The SOC audit engagement concludes with either one to two weeks onsite testing, offsite remote testing, or a combination of the two.
Annual SOC 3 Report
A SOC 3 report is a publicly displayable summary version of the SOC 2 report. The SOC 3 website seal can be displayed on your public website after the completion of the audit work and resulting report. A completed SOC 2 Type II audit is required prior to issuing a SOC 3 report.