SOC 1

SOC 1 audits are a foundational security measure for organizations that handle, process, store, or transmit financial information.

  • SOC 1 readiness assessment

    SOC 1 readiness assessment evaluates an organization’s controls to identify gaps and provide opportunity for remediation prior to the official audit.

  • SOC 1 Report Type 1

    Type 1 reports take a snapshot of an organization’s controls to determine if they are suitably designed and in place. Type 1 reports are a valuable foundational security measure as they can efficiently validate an organization’s scoped system as a whole.

  • SOC 1 Report Type 2

    Type 2 report attests to both the design and the operating effectiveness of controls over a period of time. SOC 1 audit provides assurance of not just how your systems are set up, but how they are used on a day-to-day basis.

  • ISAE 3402

    Customers can integrate ISAE 3402, a global standard closely aligned with SOC 1, into their SOC audit to meet international and U.S. customer requirements all at once.

SOC 2

SOC 2, once a competitive differentiator, is now a table stakes attestation for organizations looking to demonstrate sophisticated, mature cybersecurity and privacy practices.

  • SOC 2 readiness assessment

    SOC 2 readiness assessment evaluates an organization’s controls to identify gaps and provide opportunity for remediation prior to the official audit. Although any organization can opt for a readiness assessment, businesses undergoing SOC audit for the first time often leverage this assessment to bridge any knowledge gaps, understand how controls are evaluated, grasp how SOC attestation impacts the broader business.

  • SOC 2 Report Type 1

    SOC 2 Type 1 reports take a snapshot of an organization’s controls to determine if they are suitably designed and in place. Although they don’t evaluate control effectiveness, Type I reports are a valuable foundational security measure as they can efficiently validate an organization’s scoped system as a whole.

  • SOC 2 Report Type 2

    A Type II report attests to both the design and the operating effectiveness of controls over a period of time. This type of SOC 2 audit provides assurance of not just how your systems are set up, but how they are used on a day-to-day basis.

  • ISAE 3000

    Customers can integrate ISAE 3000, a global standard closely aligned with SOC 2, into their SOC audit to meet international and U.S. customer requirements all at once.