Skip to content
a group of people standing in a room

SOC Services

Providing the assurance your data deserves: Delivering peace of mind through SOC compliance.

Meet Our Team

What Is a SOC Report?

System and Organization Controls (SOC) examination reports provide assurance over the effectiveness of an organization’s controls related to security, confidentiality, availability, processing integrity, and privacy. Many service organizations undergo SOC examinations to demonstrate a commitment to safeguarding sensitive data. 

These reports provide valuable information to customers reliant on third-party vendors for services such as payroll processing, claims processing, and data hosting. Stakeholders can obtain assurance regarding service providers’ controls through a SOC 1, SOC 2, or SOC 3 report. Control attestations such as SOC reports are becoming a standard expectation when clients evaluate potential service providers. 

 EisnerAmper’s Assurance Technology and Control Services Group includes experienced CPAs and audit professionals performing hundreds of annual SOC examinations. We perform all forms of control attestations, including SOC 1, SOC 2, SOC 2+, and SOC 3, across various industries. Our highly credentialed team performs each SOC engagement efficiently and effectively and delivers clear reporting. This allows you to provide timely assurance to business partners, government agencies, and customers and sets you apart from competitors who do not provide SOC reports.  

About SOC Reports

What does it cover?

SOC 1

Internal controls for financial statements and reporting. 

Who needs one?

Organizations providing a service that can impact a client’s financial statements.

Examples include payment processing providers, collections agencies, and payroll companies.

SOC 2

Confidentiality, security, integrity, processing of customer data availability.

Who needs one?

Organizations that store data or transmit any kind of customer data.  

Examples include SaaS companies, data hosting or processing providers, and cloud service providers.

SOC 3

SOC 2 results tailored for a general audience.                                                            

Who needs one?

Organizations that require a SOC 2 report to go to the general public for marketing when using compliance. 

SOC Audit and Consulting Services 

Type 1 and Type 2 SOC Examinations

A Type 1 SOC examination reports on the accuracy of management’s description of the service organization’s system and the suitability of the control design to achieve the stated objectives as of a specified date.  

A Type 2 SOC examination covers all the areas and assertions of a Type 1 examination but also provides assurance over the operating effectiveness of controls throughout a specified period. 

 

SOC Consulting Services

SOC consulting services are designed to help organizations prepare for a first-time SOC 1 or SOC 2 examination (or any other AICPA-sanctioned control attestation service).  The specific objectives within a SOC consulting engagement include:  

  • Identifying the control objectives (SOC 1) or service commitments and system requirements (SOC 2);  
  • Identifying controls in place to meet those objectives or commitments;
  • Evaluating the design effectiveness and implementation of the identified controls;
  • Identifying any gaps or weaknesses; and
  • Developing an action plan to remedy the gaps and weaknesses identified. 

Working With the EisnerAmper SOC Team

  • High retention rate  
    • With a high retention rate, we have an experienced team that brings valuable insights to every project. 
  • Advanced workflow management tools   
    • We leverage advanced workflow management tools to efficiently and seamlessly guide our clients through the entire audit process. 
  • Tailored audit services  
    • We utilize a focused approach, allowing us to customize audit services to meet unique client needs and avoid unnecessary over-auditing. 
  • Comprehensive audit support 
    • We provide the tools and resources to support clients from the initial readiness assessment through to a full type 2 audit, creating a smooth and thorough audit journey. 

What's on Your Mind?

a woman in a suit

Kate M. Siegrist

View Profile
a man in a suit

Rod Smith

View Profile
a man in a suit

Sean P. Linton

View Profile
a man in a suit and tie

Bill Bodner

View Profile

Start a conversation with the team

EisnerAmper needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at any time. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, please review our Privacy Policy.

SOC Insights

EisnerAmper can perform all forms of control attestations (including SOC examinations, such as the SOC 1, SOC 2, SOC 2+ or SOC 3).  Our firm performs these engagements across a wide variety of industries allowing the examined organization to distinguish themselves from competitors that do not furnish SOC reports to their client organizations. 

View More Insights

a man holding a magnifying glass and a paper
Article

Selecting the Right Type of Audit for Your Business Needs

Read More
a pair of glasses on a notebook
Article

Healthcare Compliance – A Three Step Journey

Read More
a pen and a calculator on a pile of money
Article

Healthcare Compliance – Which Standard Is Right for Your Organization?

Read More
Explore