SOC Consulting Services - SOC Examination Services - SOC Consultants - Charlotte NC - Orlando FL
SOC Consulting Services - SOC Examination Services - SOC Consultants - Charlotte NC - Orlando FL

SOC 2 Readiness Assessment


We’ll Help You Prepare for Your SOC 2 Examination


Let us help you prepare for your SOC 2 examination. If you have not been previously certified a SOC 2 Readiness Assessment will identify gaps in your internal control framework in comparison to SOC 2 trust services criteria requirements. Our approach includes the following:

We evaluate and map your policies, procedures, and supporting documentation to SOC 2 trust services criteria.

We identify gaps between your documentation and trust service criteria requirements and provide you recommendations.

We communicate gaps and recommendations in a formal SOC 2 Readiness Assessment Report.

Download our Free SOC 2 Readiness Assessment Benefits

SOC 1 Examination


We Can Perform Your SOC 1 Examination


A SOC 1 examination can be performed as a Type I or Type II examination. In both instances, an opinion is provided for a for a system that is defined as the people, processes, and information technology used in providing products or services to customers as they relate to financial reporting. The scope of a SOC 1 may include financial, operational, and information technology controls. A SOC 1 plays an important role in your customer’s external financial statement audit.



Two Types of SOC 1 Examinations Exist:



A Type I examination provides an opinion on whether the description of the system fairly represents the design of controls in place to achieve control objectives related to financial reporting. A SOC 1, Type I examination is performed as of a point in time. The distribution of a SOC 1, Type I report is restricted.


A Type II examination provides an opinion on whether the description of the system is fairly presented and whether the controls designed are operating effectively to achieve control objectives related to financial reporting. A SOC 1, Type II examination is performed as over a period of time. The distribution of a SOC 1, Type I report is restricted.

SOC 2 Examination


We Can Perform Your SOC 2 Examination


A SOC 2 examination can be performed as a Type I or Type II examination. In both instances, an opinion is provided on the controls designed in your policies, procedures, and processes governing the system used to provide products and services to your customers. Your policies, procedures, and processes must meet the requirements of one or more trust services categories and criteria. The trust services categories include Security, Availability, Confidentiality, Processing Integrity, and Privacy. Trust services categories are selected by you and are based on the product or service provided and the industry that you operate in.

Download our Free Guide on Selecting Trust Service Categories and Criteria



Two Types of SOC 2 Examinations Exist:



Type I examination provides an opinion on whether the description of the system fairly represents the design of the controls in place to meet product and service commitments and system requirements for the selected trust services criteria. SOC 2 Type I examination is performed as of a point in time. The distribution of a SOC 2, Type I report is restricted.


Type II examination provides an opinion on whether the description of the system is fairly represented and whether the controls designed are operating effectively to meet product and service commitments and system requirements for the selected trust services criteria. A SOC 2 Type II examination is performed over a period of time called a service period. The distribution of a SOC 2, Type II report is restricted.
SOC Consulting Services - SOC Examination Services - SOC Consultants - Charlotte NC - Orlando FL

SOC 2 Plus+ Examination


We Can Perform Your SOC 2+ Examination


A SOC 2 Plus+ examination can either by a Type I or Type II and also includes the assessment of additional security and privacy compliance requirements in addition to trust services criteria. This criteria may be defined by NIST’s Cybersecurity Framework, HIPAA/HITECH, the Cloud Security Alliance’s Cloud Control Matrix (CCM), ISO: 27001, or the GDPR regulation to name a few.

SOC 3 Examination


We Can Perform Your SOC 3 Examination


A SOC 3 examination is an extension of a SOC 2 examination where a separate opinion and report is provided on whether the system achieved trust services criteria only. Many organizations choose to extend the reach of their SOC 2 by having a SOC 3 done. The distribution of a SOC 3 report is not restricted and can be posted on a public facing website.

A SOC 3 examination allows you to market your products and services to future customers.

SOC for Cybersecurity Examination


Policies, Procedures, and Controls


A SOC for Cybersecurity examination provides an opinion on the design and operating effectiveness of controls within a Cybersecurity Risk Management Program. This Program is defined as the policies, procedures, and controls designed to protect information and systems from security events through the execution of timely detection, response, mitigation, and recovery activities. Similar to a SOC 2 examination, a type I or type II can be performed and can include one or more trust service categories. Organizations can also use numerous frameworks to develop their Cybersecurity Risk Management Program.
North Carolina Web Design and Photography