用草图创建.

SOC 2考试

主要联系人: Eric M. 莱特注册会计师,ctp

SOC 2 – Report on Controls at a Service Organization Relevant to Security, 可用性, 处理完整性, 保密和/或隐私.

With SOC 2 reports, organizations decide which categories to include in the scope of the examination. This flexibility means reports are unique to each company while providing a consistent framework to evaluate whether organizations meet the criteria for the categories included in the examination. These examinations are designed for a broad range of users that need information 和 assurance about the controls at a service organization relevant to security, availability 和 processing integrity of the systems the service organization uses to process users’ data, 和 the confidentiality 和 privacy of the information processed by these systems. 这份报告的使用受到限制. These reports can play an important role in oversight of the organization, 供应商管理程序, 和 internal corporate governance 和 risk management processes.

2017年AICPA信托bet9平台游戏类别

SOC 2交战类型

准备评估 – these reviews are designed to assist service organizations in assessing their preparedness for a SOC 2 examination. 准备评估s are non-attest consulting engagements designed to identify gaps in controls 和 advise the service organization of necessary corrective actions in preparation for the SOC examination. We work closely with the service organization to ensure mutual agreement on the applicable trust services categories 和 criteria, 以及对用户组织的重大风险.

1型 – reports on fairness of the presentation of management’s description of the service organization’s system 和 the suitability of the design of the controls to meet the applicable trust services categories 和 criteria included in the description as of a specified date. The SOC 2 1型 may be beneficial for organizations that have never completed an examination, since it assesses the design of controls at a specified date.

2型 – reports on fairness of the presentation of management’s description of the service organization’s system 和 the suitability of the design 和 operating effectiveness of the controls to meet the applicable trust services categories 和 criteria throughout the specified period. The SOC 2 2型 examination is typically suggested for organizations that have been through a readiness assessment or previously completed a 1型 examination since it assesses both the design 和 operating effectiveness of controls over a period of time.

附加主题

A service organization may request that the SOC report address additional subject matter that is not specifically covered by the trust services categories 和 criteria. 此类主题的例子可包括:

  • bet9平台游戏组织SOC: SOC 2 HITRUST
  • bet9平台游戏机构SOC: SOC 2 CSA STAR认证
  • Compliance with certain criteria based on regulatory requirements (i.e., hipaa, glba)
  • Compliance with certain criteria based on industry requirements (i.e., 支付卡行业数据安全标准(PCI/DSS), American L和 Title Association (ALTA) title insurance 和 settlement company best practices)
  • Compliance with performance criteria established in a service-level agreement

附加SOCbet9平台游戏

SOC资源

关于施耐德唐斯SOCbet9平台游戏

施耐德唐斯对SOC报告采用了独特的方法, 整合资讯科技专业知识, 内部审计和外部审计专业人员. By combining cross-disciplinary knowledge 和 project management expertise, we are able to effectively deliver on our clients’ expectations. If you are interested in learning how we can assist your organization, please contact us to get started or learn more about our practice at SOC.

覆盖全国的

施耐德唐斯为以下公司提供SOC 2报告: 亚特兰大(GA), 奥斯丁(TX), 巴尔的摩(MD), 博伊西(ID), 波士顿(MA), 伯灵顿(VT), 查尔斯顿(SC), 夏洛特(数控), 芝加哥(IL), 辛辛那提(哦), 丹佛(有限公司), 底特律(MI), 休斯顿(TX), 印第安纳波利斯(在), 拉斯维加斯(内华达州); 列克星敦(肯塔基州), 小石城(AR), 洛杉矶(加州); 孟菲斯(TN), 迈阿密(FL), 密尔沃基(WI), 明尼阿波利斯(MN), 新奥尔良(LA); 纽约市(NY), 奥马哈(NE), 费城(PA), 凤凰城(AZ), 匹兹堡(PA), 普罗维登斯(RI), 波特兰(或), 里士满(VA), St. 路易(MO), 圣达菲(新墨西哥州); 西雅图(WA), 华盛顿(D.C.)威明顿市(反).

你的组织需要一个系统和吗
组织控制(soc)报告?

做一个免费的评估测验

了解我们是如何为客户解决大问题的

大问题: 受勒索软件影响的公司.

大的思考: 现场恢复系统,避免六位数的赎金.

阅读案例研究

大问题: 低效的税收抵免实现.

大的思考: Identified A $900,000 Tax Credit, Nearly Twice As Much As Prior Years.

阅读案例研究

我们对

有问题吗?? 问我们!

我们很乐意听到你的消息. Drop us a note, 和 we’ll respond to you as quickly as possible.

违反了?

每一刻都很重要. 紧急请求, contact the Schneider Downs digital forensics 和 incident response team at 1-800-993-8937. 如有其他要求,请填写以下表格.

"*表示必填字段

This field is for validation purposes 和 should be left unchanged.