We are in the direct path of Hurricane Milton. Communications and response will be delayed during this time.

auditwerx soc services icon white

SOC 1® (SSAE 18)

Clients want information about controls over processes that affect their financial statements. A SOC 1 report provides the confidence clients need about how their data is processed.

Full-Service SOC 1 Compliance Solutions

From SOC 1 Readiness to Your Final Report, Our Experienced Team is Here for You at Every Step.

Trust is the most important tool to grow your business, and a SOC 1 report can help differentiate your company from the competition, assuring clients that you have the necessary controls in place to protect the data that could impact their financial reporting.

The goal of a SOC 1 report is to provide an independent third-party opinion of the internal controls that may affect a user entity’s financial reporting. The report is designed to provide comfort to the organization’s users and the users’ auditors regarding the controls in place at the organization. 

Completing your SOC 1 report and enforcing strong security procedures doesn’t have to be difficult. Auditwerx has provided more than 2,500 service organization control audits since 2005. Put our industry expertise to work for your organization.

Learn About Our SOC 1 Compliance Services

By proceeding, you are agreeing to the terms and conditions in the Auditwerx Privacy Policy.

Efficient SOC 1 Readiness Process

Are you new to the SOC 1 reporting process? Security compliance and requirements might seem overwhelming, but not when you have the right partner to guide you through. Our experienced team, combined with our unique “hands on” preparation method, limits guesswork and helps you to quickly prepare for a successful SOC 2 examination.

auditwerx bee headphone icon

What to Expect During Your SOC Examination

Every examination we perform is completed with your end goals in mind. Our communication protocols provide for frequent contact with you throughout the engagement period in order to facilitate delivery on your expected timeline.

SOC 1®(SSAE 18)

We have been working with Auditwerx for the last 3 years on our SOC audit. Their auditors and team have brought a level of expertise and professionalism that has been unmatched…

SOC 1 Report FAQ

(Click for More Details)

There is a lot of information about SOC 1 floating around on the internet. New software tools are popping up everyday claiming to save you time and money when it comes to your security compliance audit. Our detailed FAQ will help breakdown the myths so that you can feel confident in your SOC 1 audit.

The goal of a SOC 1 report is to provide an independent third-party opinion of the internal controls that may affect a user entity’s financial reporting. The report is designed to provide comfort to the organization’s users and the users’ auditors regarding the controls in place at the organization. 

IT general controls typically included, but not limited to, if applicable, in a SOC 1:

Control Environment & Risk Assessment – controls around organization structure; policies and acknowledgements; employee background checks; management meetings/risk assessment
Physical Access – controls around physical access (understanding if servers are onsite or if third-party data centers are used)
Logical Access & Security – controls around logical access granted, modified, and removed, as well as privileged; passwords; websites; infrastructure (firewalls, SFTP, VPN, AV)
System Monitoring – controls around monitoring software and subservice organization monitoring, if applicable
System Change Management – controls around process for internally-developed software (authorization, testing, approval, segregation of duties, source code); patching; infrastructure changes
Backup and Recovery – controls around the backup process (configurations, alerts, logs)

A “Type 1” report analyzes management’s description of a service organization’s system and the suitability of the design of controls related to the applicable trust services criteria description as of a specified date.  

A “Type 2” report analyzes management’s description of a service organization’s system and the suitability of the design and operating effectiveness of the controls related to the applicable trust services criteria throughout a specified period. This type of report offers assurance to your clients on how your systems are used day-to-day. It usually offers a greater level of trust to your clients because they have more visibility into the way your systems are set up.

SOC examinations must be performed by an accredited CPA auditing firm like Auditwerx. Even if other automated software tools claim to save you time or money, that may not necessarily be true if they cannot finalize your report. As the CPA firm that would have to sign off on the report, we would still need to complete the reporting process with you to ensure that all appropriate requirements are met. This could require additional time, money, and headaches that could have been avoided in the first place. 

A SOC 1 Readiness Assessment is your best preparation for a SOC 1 audit. Our experienced audit team works to quickly complete your gap assessment in a timely manner, based on your organization’s unique needs. This will identify any gaps in your compliance controls or processes and allow you to remediate them before they impact your final report.

When it comes to compliance certification, service organizations can often find it difficult to balance customer requirements and ROI.

Our goal is to deliver the efficient compliance assessments you need, at a price that makes sense for your business. Once we have discussed your needs and current environment, there are several factors that impact our cost estimate:

  1. Unlike most firms, Auditwerx is a true fixed fee firm. Our goal is to provide a service that will not only improve your operations, but also, result in a significant ROI.
  2. Very few of our clients experience amendments. When necessary, they are usually the result of a scope expansion.
  3. Our experienced auditors understand what your organization needs from a SOC report, and our low overhead ensures that our pricing is based on your need.

Auditwerx is proud to offer a number of SOC 2 compliance solutions to meet your needs and business goals:

  • SOC 1 Readiness
  • SOC 1 Auditing
  • SOC 1 Type 1
  • SOC 1 Type 2

DISCOVER: What Kind of SOC Report Do You Need?

Our handy guide, “Adding it Up: What Type of SOC Report Do I Need?” is a great starting point to determine what kind of SOC report best fits your company’s business and compliance needs.

When you’re ready to speak with an experienced team about your reporting needs, Auditwerx will be here for you.

Get My Free Download

By proceeding, you are agreeing to the terms and conditions in the Auditwerx Privacy Policy.

Expand Your Knowledge

We use cookies to ensure the best experience. By accessing our site, you agree to our cookie policy.