What Does SOC Certified Mean?

SOC stands for: System and Organization Controls.  An organization that has passed an audit of internal controls, policies, and procedures by an independent certified public accountant is SOC audit certified.

SOC 1 Report is a report on controls relevant to user entities’ internal control over financial reporting. SOC 1 reports generally apply to third party administrators.

SOC 2 Report focuses on a business’s non-financial reporting controls as they relate to the following assertions: security, availability, processing integrity, confidentiality, and/or privacy.  SOC 2 reports generally apply to managed service providers.

Each SOC report may be a Type 1 or Type 2. Type 1 reports on a service organization’s suitability of design of controls on a specific date, while Type 2 reports on the effectiveness of the control design over a period of time.

Do I Need a SOC Report?

Yes, if you are a data provider storing or processing financial information or are a third party administrator. Potential clients seeking to outsource their data storage of financial information will require a provider that is secure and compliant.  A SOC report will definitely assist in fulfilling that obligation. Individuals want to be able to trust their data providers with highly confidential information, and a clean SOC report means companies can depend on their hosting provider for secure, compliant hosting.

How Does Being SOC Certified Benefit My Company?

Our SOC Audit service provides an independent examination of the internal controls at your company that benefits you by:

  • Reducing the cost & administrative burden of multiple audits over the same process
  • Identifies potential opportunities to strengthen your business practices & operating environment.
  • Allows your company to show clients & vendors that your internal controls are tested and secure.

What is the MeredithCPAs SOC Audit Process?

Our process generally takes six to eight weeks, including a one to two day site visit. We will provide a task list and walk you through each step. We focus on communications and will correspond primarily via phone, email and our secure online portal.

Contact us today to discuss which SOC type is right for your organization!