SOC 1 Type 1

A SOC 1 Type 1 (Service Organization Report) assists service organizations that operate information systems and provide information system services to their customers.

SOC 1 Type 2

A SOC 1 Type 2 audit report is specifically intended to examine the effectiveness of the controls put in place by a service organization, relevant to their clients’ financial reporting and statements.

SOC 2 Type 1

A SOC 2 Type 1 report can be used to meet the needs of clients of service organizations that need information and assurance about the controls that impact users’ data.

SOC 2 Type 2

Like SOC 2 Type 1, a SOC 2 Type 2 report looks at the five trust principles of data processing and storage. However, Type 2 provides a higher level of trust and assurance.


What Makes MeredithCPAs’ SOC Audit Process So Efficient & Cost Effective?

Once the type of SOC Audit needed for your organization is finalized, our proprietary SOC Technology is ready to be unpacked. Our auto templates and smart logging features ensure you won’t spend hours entering in the same information multiple times or coming up with new templates from scratch. We focus on efficient communication that takes your time into major consideration and will correspond primarily via phone, email and our secure online portal.

What Does SOC Certified Mean?

SOC stands for: System and Organization Controls. An organization that has passed an audit of internal controls, policies, and procedures by an independent certified public accountant is SOC audit certified.

SOC 1 Report is a report on controls relevant to user entities’ internal control over financial reporting. SOC 1 reports generally apply to third party administrators.

SOC 2 Report focuses on a business’s non-financial reporting controls as they relate to the following assertions: security, availability, processing integrity, confidentiality, and/or privacy. SOC 2 reports generally apply to managed service providers.

Each SOC report may be a Type 1 or Type 2. Type 1 reports on a service organization’s suitability of design of controls on a specific date, while Type 2 reports on the effectiveness of the control design over a period of time.

Do I Need a SOC Report?

Yes, if you are a data provider storing or processing financial information or are a third party administrator. Potential clients seeking to outsource their data storage of financial information will require a provider that is secure and compliant. A SOC report will definitely assist in fulfilling that obligation. Individuals want to be able to trust their data providers with highly confidential information, and a clean SOC report means companies can depend on their hosting provider for secure, compliant hosting.

How Does Being SOC Certified Benefit My Company?

Our SOC Audit service provides an independent examination of the internal controls at your company that benefits you by:

  • Reducing the cost & administrative burden of multiple audits over the same process
  • Identifies potential opportunities to strengthen your business practices & operating environment.
  • Allows your company to show clients & vendors that your internal controls are tested and secure.


Contact us today to discuss which SOC type is right for your organization!