• Third Party Assurance

    Effective solutions to managing third party relationship risk

SOC 2, SOC 2+ and SOC 3

SOC2, SOC 2+ and SOC 3 reports provide assurance on third-party systems and processes not directly relevant to financial reporting. These reports cover information security, availability, integrity, privacy, and confidentiality.

Many organizations outsource the collection, storage, or transmission of information. We provide SOC2, SOC 2+ and SOC 3 reports to assess the oversight and governance at the third-party organization. This is particularly important when the physical location is remote and difficult to inspect, as is often the case with cloud-based processing and storage solutions.

SOC 2, SOC 2+ and SOC 3 reports are related but different:

  • SOC 2 compliance covers the operations of a service organization.
  • SOC 2+ compliance includes additional topics specific to users’ unique requirements, such as HITRUST, ISO-27001 and NIST. If planned properly, this audit approach can reduce compliance costs and efforts by streamlining controls testing and combining assurance reporting in one report.
  • SOC 3 compliance is less detailed than SOC 2 compliance, and it is meant to be publicly available. SOC 3 reports are designed to meet the needs of users who require assurance about the controls at a service organization. 
Our professionals develop two types of SOC 2, SOC 2+ and SOC 3 reports:
  • Type I attests that internal controls are suitably designed
  • Type II attests that internal controls are suitably designed and operating effectively

 

Recommended Resources
7 SOC COMPLIANCE MISTAKES – AND HOW TO AVOID THEM
7 SOC COMPLIANCE MISTAKES – AND HOW TO AVOID THEM

You need a SOC report as quickly as possible to win new customers but...

Download Report
PREVENT AN EQUIFAX-TYPE DATA BREACH
HOW TO PREVENT AN EQUIFAX-TYPE DATA BREACH IN YOUR COMPANY

Learn what you can do...

Download Report
GDPR AND SOC CYBERSECURITY
GDPR PRIVACY AND CYBERSECURITY COMPLIANCE - THE SOC CONNECTION

How will the new GDPR impact your business?

Download Report