System and Organization Controls (SOC) Attestation

In today’s market, it is important that service organizations exhibit their commitment to internal controls. A System and Organization Controls (SOC) report demonstrates this commitment to a service organization’s customers.

Our Risk Advisory and Compliance Services professionals perform SOC services for a variety of industries. When you choose Moore Colson to perform your SOC 1, 2 and 3 readiness and attest services, you will have a team of professionals with years of SOC reporting experience.

We provide:

• SOC 1, 2 and 3 Readiness Services
• SSAE 18 / SOC 1 type 1 and 2 examinations
• SOC 2 type 1 and 2, and SOC 3 examination based upon AICPA Trust Services Principles and Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy

Our approach:

• Planning
• Understanding the service organization
• Evaluating control objectives and controls
• Testing of controls (type 2 only)
• Evaluating management’s description and controls
• Reporting

Additional Resources:

• Understanding SOC Reporting: 4 Frequently Asked Questions
• SOC 2 Reporting Guidance Update