Article
PodcastSOC Examinations & Reporting
A System and Organization Control (SOC) audit provides transparency about your internal control environment and assurance to other organizations that your controls are in place and are operating effectively. Weaver’s team makes sure your SOC audit and SOC reporting improve your day-to-day operations and your competitive edge.
Let's get startedWeaver’s tailored, hands-on approach offers guidance that goes beyond checking the boxes. We consider your business as a whole, and how SOC reporting can serve as a valuable tool for achieving your long-term strategic objectives. Companies leverage SOC audits and reports for many different reasons. The benefits vary depending on the subject matter (SOC 1, SOC 2 or SOC 3), the timeframe, and your organization’s industry or services.
Trending
Insights & Resources
Our SOC audits and reports provide:
Companies are more likely to trust and invest in your services when they see that your controls have been reviewed and tested by a reputable independent third party. A SOC report enables you to project confidence in your internal control environment.
Some industry regulations require demonstration of internal controls that also apply to outsourced services. An SOC audit can demonstrate compliance with specific security and data-protection standards.
Many companies and organizations prefer to work with service organizations and vendors who have an SOC report available, which differentiates you from your competitors.
When provided by a reputable CPA firm, one SOC report (based on subject matter) can be relied upon by many customers. This reduces your audit costs and your internal compliance burden, and maximizes your ability to offer transparency to your customers.
All SOC examinations must be performed in accordance with Statement on Standards for Attestation Engagements (SSAE), which includes multiple unique reporting channels, each tailored to provide insight on the internal control environment at the entity, service provider and supply chain levels.
SOC 1
Report on internal controls over services relevant to customers of the outsourced services, and their financial advisors. Weaver offers Type 1 reports for a specific point in time, and Type 2 reports for a specific period of time (typically 6 to 12 months).
SOC 2
Report on internal controls over technical subject matter relating to information security and operational risks for internal audits, due dilligence, ongoing vendor management and regulatory compliance. Weaver offers Type 1 reports for a specific point in time, and Type 2 reports for a specific period of time (typically 6 to 12 months).
Weaver’s team ensures you meet the AICPA Trust Services Criteria (TSC) for SOC 2 reporting. The TSC are used to evaluate and report on internal controls over information and systems across an entire entity, at the operating unit level, within a particular function, or for particular types of information.