SOC 1 Audits
SOC 1 Examinations
Ohio business owners need to ensure sensitive data is protected, especially when it comes to financial and identification information (i.e. social security numbers) of customers. Ensuring there are robust internal controls and cybersecurity policies and practices in place to protect against a breach is essential. In fact, many customers may expect to see a Service Organization Control (SOC) Audit report before doing business with a service provider. This audit verifies that the tools, processes, and procedures have been tested and are effective. Some may desire a SOC 1 audit, while others will obtain more value from a SOC 2 audit or SOC 3 audit. Whatever the desired level of assurance, it’s important to work with an experienced provider to drive the process.
Cleveland SOC Audits
McKonly & Asbury provides SOC audits to companies in Cleveland, Columbus, and across Ohio. Typically, we work with those that use or store sensitive financial and other data that cybercriminals may want. Some examples include data center companies, loan servicing companies, medical claims processors, and payroll companies. Broadly, any service organization that provides services to customers that directly impact the customer’s financial statements would be a candidate for such a report. Service organizations should evaluate their needs along with their customers’ reporting needs prior to determining the type of SOC report that is applicable to their needs. There are two types of SOC 1 audit, including:
- SOC 1 Type I – These reports are defined as a report on the fairness of the presentation of management’s description of a service organization’s system and the suitability of the design of controls to meet the related control objectives. SOC 1 Type I examinations focus on the service organization’s system narrative, as well as the design effectiveness of the controls within the system, and are focused on the system and controls in place at a specific point in time.
- SOC 1 Type II – These reports are defined as a report on the fairness of the presentation of management’s description of a service organization’s system and the suitability of the design and operating effectiveness of controls to achieve the related control objectives. SOC 1 Type II examinations differ from the Type I examination since the reports include an opinion on the operating effectiveness of the controls, in addition to the design effectiveness covered in Type I.
Ohio Small Business Information
McKonly & Asbury provides SOC 1 Audit services remotely to businesses in Ohio from our Pennsylvania office locations. Interested in learning more about the SOC 1 audit services offered to companies in Cleveland Columbus, and across Ohio? Complete the form below and we will follow up with you shortly.