SOC 2 Type 1 and Type 2 Audits & Assessments

SOC 2 AT 101 Type 1 and Type 2 assessments are provided by NDB Accountants & Consultants, LLP (NDB) at competitive, fixed-fee rates, and to businesses all throughout North America and beyond.  SOC 2 reports, for which you can receive either a SOC 2 Type 1 or Type 2, are part of the AICPA Service Organization Control (SOC) framework.  Additionally, SOC 2 reports are conducted in accordance with AT 101, a professional standard that provides general guidance on attest engagements performed by practitioners (i.e., certified public accountants). Many organizations that don't have a clear relationship or nexus to internal controls related to financial reporting (a concept known as ICFR), should consider undertaking a SOC 2 assessment, or possibly even a SOC 3 assessment.  SOC 2 reports were designed by the AICPA to include the ever-growing number of technology service organizations, such as Software as a Service (SaaS) entities, data centers, and many other related "cloud computing" environments.  Additionally, SOC 2 reports rely on the Trust Services Principles (TSP) as the essential framework of the assessment itself.  Specifically, the Trust Service Principles (TSP) consists of the following:

      • Security
      • Availability
      • Processing integrity
      • Confidentiality
      • Privacy

SOC 2 AT 101 Reporting

Initially, the SOC 2 reporting option did not generate much interest from service organizations and service auditors alike, but this is quickly changing as interested parties are finding real value in SOC 2 reports.  Much of this is based on the fact that a large and growing number of service organizations are identified as technology entities, thus the SOC 2 framework is more applicable to their business environment.  Some organizations are opting for both SOC 1 and SOC 2 reports in order to suffice for their customers' requirements for reporting on internal controls.

SOC 2 Resource Guide

Interested parties can learn much more about SOC 2 reporting from NDB's official SSAE 16 Resource Guide, a site dedicated to all facets of Service Organization Control (SOC) reporting options, which are SOC 1, SOC 2 and SOC 3.  Learn more about notable topics related to SOC 2 reporting, such as the following:

      • SOC 1 vs. SOC 2
      • SOC 2 Reporting Framework
      • SOC 2 Compliance
      • AT Section 101
      • SOC 3

NDB can provide your organization with a competitive, fixed-fee for your SOC 2 AT 101 Type1 or Type 2 assessment.  For more information about SOC 2 reports, please contact us today or call Christopher Nickell at 1-800-277-5415, ext. 706 or at This email address is being protected from spambots. You need JavaScript enabled to view it. to discuss your needs.

 

From I.T.consultants to seasoned regulatory compliance auditors, our firm's wide expertise is diverse, cross-functional, and highly experienced in all our service lines.

From I.T.consultants to seasoned regulatory compliance auditors, our firm's wide expertise is diverse, cross-functional, and highly experienced in all our service lines.