SOC Reporting

SOC 2 – Type I and II

SOC Reporting – When to Choose a SOC 2 Report

Whether your company is new to the SOC reporting process and in need of significant guidance or your company has been audited many times, PKM has skills and expertise to ensure an air-tight SOC report. Because our clients are typically required to demonstrate compliance with sophisticated IT frameworks and withstand high due diligence standards, we have experience working with companies that are under substantial scrutiny.

If you are new to the SOC reporting process, it is important to know the difference between the various types of attestation standards. A SOC 2 audit is based on the Trust Services Principles from the AICPA, which can include security, availability, confidentiality, processing integrity and privacy. These audits are not designed for entities that process financial transactions, but rather for businesses that are focused on providing managed security or co-location services as well as entities that hold significant third-party data but do not process financial transactions.

A Full Suite of SOC Reporting Services

There are some entities that require both a SOC 1 and SOC 2 report. Just like a SOC 1 report, a SOC 2 report also comes in two types – Type I and Type II. The main difference is that a Type I report is conducted as of a “point in time,” whereas a Type II report covers a “period of time.” A Type II report is the most common type.

At PKM, we have provided third-party examination (SOC Reporting and its predecessor SAS 70) services for over 20 years. We have built a team to serve companies that count their own clients as some of the largest financial service companies in the United States. The end result is a SOC report that provides confidence to the scrutinizing parties and ultimately helps our clients win more customers and drive growth.

Getting ready?

Are you getting ready for an upcoming SOC or other third party attestation report? Learn about some of the most common pitfalls to avoid here.

Compliance Corner

Top Pitfalls to Avoid When Preparing for a Third Party Attestation Report

Read More

Compliance Corner

The New SOC 2

Read More