Value Statement of a SOC 2 Report
A Service Auditor's Report can help a service organization to:
- Build trust with customers
- Be a key differentiator to prospective clients
- Ensure that all requests from user organizatons and their Auditors rely on the SOC 2 report
How Compass IT Compliance can help you?
For Organizations new to the SOC 2 process or organizations interested in reviewing high risk areas that may have emerged since their last audit, Compass IT Compliance offers the SOC 2 Readiness Assessment.
Services are performed by skilled professionals who have experience in risk and control oriented audits and information security to validate, prior to an actual service audit, the different criteria for the 5 Trust Services Principles defined in conjunction with your CPA firm, ensuring your preparedness and future success for this type of engagement, and reducing the possibility of a qualified opinion or reporting exception.
The Compass Readiness Approach is a multi-step assessment
process outlined below.
Step 1 –SOC 2 Readiness Assessment
The first important step is to review the customer scope of the SOC 2. Compass will review the existing control environment and supply guidance with management’s description of controls. The importance of this step is to become familiarized with the company and the personnel, systems and business processes involved in delivering these products and services to their customers.
Compass will evaluate existing controls in areas such as infrastructure, software, people, procedures, and data.
Step 2 – Compass will provide the necessary clarity around required remediation work prior to your organization’s SOC 2 engagement (Type 1 Report).
Step 3 - Compass can assist with engaging a CPA firm to complete the required Attestation documentation. Compass will partner with you and your organization throughout this crucial final step to ensure a smooth process.