SOC 1

SOC 1 is a report from independent auditors describing a service organization’s internal controls over its customers’ financial information.

A SOC 1 audit covers any technical or procedural control whose failure could impact the customer’s financial statements. Often, customers request SOC 1 reports from cloud providers to meet their internal auditing and compliance requirements.

An auditors final report of the controls for SOC 1 compliance can take one of two formats.

Type 1

If you want to give your customers a snapshot of your controls protecting financial reporting, you can request a SOC 1 Type 1 report.

Auditors evaluate how you describe your systems and controls. They also evaluate the suitability of the controls’ designs in meeting control objectives.

A SOC 1 Type 1 report only assesses the suitability of your controls at a specific point in time. Auditors don’t evaluate the operational performance of these controls over time.

Type 1 reports make sense when providers need to give customers an independent overview of their controls without a long wait.

 

Type 2

To give customers a detailed review of your controls, you’ll need a SOC 1 Type 2 report. On top of the assessments for the Type 1 report, auditors evaluate the operational effectiveness of controls over a specific period of time, commonly referred to as the Observation Period.

Typically, these audits last six or 12 months. Depending on the chosen audit period, you will request audits once or twice a year to keep your compliance status current.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     

Transparent Pricing

SOC 1: Type 1

Only $15K*

Inclusive of everything:

  • SOC 1 Audit Report from a licensed US CPA
  • Readiness assessment: assessing security gaps, putting security controls and practices in place, and documenting those practices.
  • Drafting policies and define controls

* Price subject to change based on certain conditions.

SOC 1: Type 2

Only $17K*

Inclusive of everything:

  • SOC 1 Audit Report from a licensed US CPA
  • Readiness assessment: assessing security gaps, putting security controls and practices in place, and documenting those practices.
  • Drafting policies and define controls

* Price subject to change based on certain conditions.