Our PCI Guru, Jeff Hall, will be presenting at Secure360, a virtual event scheduled for May 11-12! Ask About Our PCI Services.

SOC 1® (SSAE 18)

Building trust and confidence with your clients.

SOC 1®(SSAE 18)
SOC 1®(SSAE 18)

Get started today

SOC 1®(SSAE 18)

At Auditwerx,
SOC reporting is what we do.

Clients want information about controls over processes that affect their financial statements. A SOC 1® reports on controls at service organizations that provides the confidence clients need on how their data is processed. We are here to help you through the SOC 1® reporting process to gain your clients trust and confidence.

Request a Consultation


Vast Experience.

Our SOC 1® Partners have a minimum of 15 years of professional audit experience in both financial reporting and internal control auditing. A dedicated team will utilize the highest level of business acumen and knowledge to maximize efficiency and drive results.

Unmatched Reporting Quality.

We employ strict quality controls with experienced team members to strengthen your management systems and processes. Our dedication to quality is demonstrated through multiple successful AICPA peer reviews and continuous positive client feedback.

Predictability of Cost.

Unlike most firms, Auditwerx is a true fixed fee firm. Our goal is to provide a service that will not only improve your operations, but also, result in a significant ROI.

SOC for Service Organizations: Internal Controls over Financial Reporting (ICFR)

The goal of a SOC 1® report is to provide an independent third-party opinion of the internal controls that may affect a user entity’s financial reporting. The report is designed to provide comfort to the organization’s users and the users’ auditors regarding the controls in place at the organization.

There are two types of SOC 1®  reports:


Type 1 reports on management’s description of a service organization’s system and the suitability of the design of controls related to the applicable trust services criteria description as of a specified date.  


Type 2 reports on management’s description of a service organization’s system and the suitability of the design and operating effectiveness of the controls related to the applicable trust services criteria throughout a specified period. 

In some cases, clients might have a request to complete a SOC 1® report even though they do not impact their client’s financial reporting or conduct transaction processing operations. In such cases, perhaps a SOC 1® ITGC is the appropriate report for the service organization.

SOC 1® ITGC Control Objectives include:

Risk Assessment

Physical Security


Logical Access/Security

Change Management

Backup and Recovery

What type of SOC report do I need? Download our free tool.​

SOC 1®(SSAE 18)

We are confident that our work will exceed your expectations.

Our communication protocols provide for frequent contact with you throughout the year. Additionally, we understand how to transition new clients and have the tools and processes in place to streamline the transition with minimal disruptions, allowing you to focus on your daily responsibilities. Our approach to the audit engagement results in meeting expected timelines.

Get Started

Get Started