Your browser is out of date.

You are currently using Internet Explorer 7/8/9, which is not supported by our site. For the best experience, please use one of the latest browsers.

866.430.2595
Request a Consultation
Scroll to Explore
banner

SOC 1,2,3 + SSAE 18 Compliance Services

Increase customer confidence and trust through reasonable assurance.

Get Started

SOC Reports for Service Organizations

IT audits can be an intimidating, if not an overwhelming process for companies of all sizes. With TRUE, it doesn’t have to be. Our deep experience designing and implementing security programs as well as auditing their effectiveness uniquely positions TRUE as your preferred Service Organization Control (SOC) information security partner. Professionals at TRUE will help guide you through all necessary steps to review and validate your information security processes and controls and identify gaps in order to prepare you for a successful SOC audit.

Information Security Process Review Information Security Process Review
Internal Controls Assessment Internal Controls Assessment
Policy & Procedure Documentation Policy & Procedure Documentation

SOC 1

  • Internal Controls
  • Financial Reporting
  • Type 1 - design of the controls
  • Type 2 - design and operating effectiveness of the controls

SOC 2

  • Internal Controls
  • Security, availability, and processing integrity of systems
  • Confidentiality and privacy of user information
  • Type 1 - design of the controls
  • Type 2 - design and operating effectiveness of the controls

SOC 3

  • Internal Controls
  • Security, availability, processing integrity confidentiality, or privacy
  • Because they are general use reports, SOC 3 reports can be freely distributed.

SOC 1,2,3 + SSAE 18

The AICPA’s SAS No. 70, Service Organizations, has evolved into a family of Service Organization Control (SOC) Reports, which relate to information security and provide assurances about privacy and confidentiality controls as well as the security, availability, and processing integrity of their systems.

As companies are increasingly adopting vendor management programs to assess the IT security of their vendors, the demand for SOC Reporting is on the rise. Our experts are available to provide service organizations with audit preparation consulting, coaching, IT GRC services, and security program development guidance to ensure necessary controls are in place for future successful SOC engagements.

The typical SOC 2, type 2 audit preparation engagement includes the following:

  • Identification and capture of your existing internal controls.
  • Development of controls to address any gaps in compliance.
  • A full set of policy and procedure documentation that supports and aligns with existing and newly developed controls.
ssae 18 compliance

Get Started with True Digital Security

Start Protecting Your Business’s Data and Have Digital Security Preparedness.
Whether you need to build a Security Incident Response Plan or have an immediate remediation.

Request a Consultation

Contact Us

Let us know your business needs and we will make sure to get back with you promptly!

* denotes required fields