SOC 2 Examinations – Philadelphia (PA)

SOC 2 Examinations

Philadelphia business owners need to ensure sensitive data is protected, especially when it comes to financial and identification information (i.e. social security numbers) of customers. Ensuring there are robust internal controls and cybersecurity policies and practices in place to protect against a breach is essential. In fact, many customers may expect to see a Systems Organization Control (SOC) Audit report before doing business with a service provider. For this reason, many businesses require a SOC 2 report to demonstrate the effectiveness of risk management efforts.

Philadelphia SOC 2 Audits

McKonly & Asbury provides SOC audits to companies in Philadelphia and across Pennsylvania. Typically, we work with those that use or store sensitive financial and other data that cybercriminals may want. Some examples include data center companies, loan servicing companies, medical claims processors, and payroll companies. Broadly, any service organization that provides services to customers that directly impact the customer’s financial statements would be a candidate for such a report. Service organizations should evaluate their needs along with their customers’ reporting needs prior to determining the type of SOC report that is applicable to their needs. There are two types of SOC 2 audits, including:

SOC 2 Type I – This report is a report on management’s description of a service organization’s system and the suitability of design of controls over Security, Availability, Processing Integrity, Confidentiality, or Privacy. The SOC 2 Type I generally addresses the organization’s system and design effectiveness of controls as they pertain to the applicable trust services criteria. Similar to the SOC 1 Type I the report is made up of a description of the service organization’s “system” and controls, management’s assertion on the presentation and design of controls over Security, Availability, Processing Integrity, Confidentiality, or Privacy, and the auditor’s report and opinion.
SOC 2 Type II – A SOC 2 Type II report is a report on management’s description of a service organization’s system and the suitability of the design and operating effectiveness of controls over Security, Availability, Processing Integrity, Confidentiality, or Privacy. SOC 2 Type II examinations differ from the Type I examination since the reports include an opinion on the operating effectiveness of the controls as well as the design effectiveness. The components of a Type II report are similar to a Type 1 report but are expanded to include the procedures used by the auditor to test the stated controls and the results of such tests.

Additional Healthcare Solutions

McKonly & Asbury also has extensive experience with HIPAA regulations. Learn more about how we can support your security and privacy needs on our HIPAA Compliance page.

Industry Involvement

SOC 2 FAQs

A SOC 2 audit evaluates your organization’s controls against the AICPA Trust Services Criteria framework over security, availability, processing integrity, confidentiality, and privacy. It ensures that your controls are effectively designed and operating to protect sensitive customer information.

Organizations that handle sensitive client data, such as SaaS providers, cloud service platforms, data hosting companies, and healthcare organizations, can benefit from a SOC 2 audit.

SOC 2 Type 1 evaluates the design of your controls at a specific point in time, while SOC 2 Type 2 assesses the design and operating effectiveness of these controls over a defined period (typically 3-12 months).

A SOC 2 audit demonstrates your commitment to data security, giving you a competitive edge. It helps attract new clients, strengthens relationships with existing ones, and assures your clients that their sensitive data is protected.

A SOC 3 audit covers the same criteria as a SOC 2 audit but results in a general-use report that is ideal for public visibility and marketing purposes, making it easier to share your security practices with a wider audience.

The team is very knowledgeable. They take the time necessary to ensure we are prepared before the audit and works very closely during and after.

Contour Data Solutions

Contact Us

McKonly & Asbury provides SOC 2 Audit services remotely to businesses from our Pennsylvania office locations. Interested in learning more about the SOC 2 audit services offered to companies in Philadelphia, and across Pennsylvania? Complete the form below and we will follow up with you shortly.

About Philadelphia (PA)

Philadelphia is the sixth-most populous city in the nation with a population of over 1.5 million people. It is known as the birthplace of America, as it was the site of the signing of the Declaration of Independence in 1776, and it also served as the nation’s capital from 1790 to 1800. Philadelphia is also known for its food scene, particularly its cheesesteaks and soft pretzels. The city is home to numerous parks and green spaces, including Fairmount Park, one of the largest urban parks in the country. Additionally, it is a major center for education, with numerous universities and colleges located in the city, including the University of Pennsylvania, Drexel University, and Temple University.

National Reach

McKonly & Asbury provides SOC 2 reports to companies across the US including those located in Atlanta (GA), Boise (ID), Chicago (IL), Cleveland (OH), Dallas (TX), Denver (CO), Detroit (MI), Houston (TX), Indianapolis (IN), Las Vegas (NV), Little Rock (AR), Milwaukee (WI), Minneapolis (MN), Nashville (TN), Orlando (FL), Omaha (NE), Phoenix (AZ), Portland (OR), Richmond (VA), St Louis (MO), San Diego (CA), Santa Fe (NM), Seattle (WA), Tulsa (OK), and Wichita (KS).