What is the purpose of a SOC 2 audit?
Many companies find it cost-efficient to outsource certain services, such as data hosting, colocation, data processing, and Software-as-a-Service (SaaS). The data that is transmitted, stored, maintained, processed and disposed by these service providers must be kept confidential, secure, private and available for use. In addition, a service provider’s system processing must be complete, accurate, timely and authorized. A SOC 2 Report ensures companies that the five Trust Service Principles of Security, Availability, Processing Integrity, Confidentiality, and Privacy are being addressed by their service organization’s controls.
Recently, the American Institute of Certified Public Accountants (AICPA) restructured the criteria for Security, Availability, Processing Integrity and Confidentiality into “Common Criteria” to eliminate redundancy, and to update the criteria based on the latest technologies and the ever-changing business environment. The Privacy principle will undergo a similar revision, effective March 15, 2016.
What type of SOC 2 audits are available?
Similar to SOC 1 audits, I.S. Partners, LLC provides two types of SOC 2 audits for service organizations. A Type 1 audit examines the controls used by service organizations to address any one or all five Trust Service Principles. The audit provides assurance that controls are designed effectively to meet the desired objectives at a point in time.
A Type 2 audit includes the same information as a Type 1 audit, but with the additional attestation that a service organization’s controls are tested for operating effectiveness over a period of time. I.S. Partners, LLC’s SOC 2 reports provide a description of the tests we perform and the results of those tests.
Why should I obtain a SOC 2 examination from I.S. Partners, LLC?
One of the most stressful processes is an internal audit of your system controls. I.S. Partners, LLC takes the anxiety out of the audit process, and provides a comprehensive report that your service organization needs in order to stay in compliance. Your service organization will also receive a Seal of Excellence in the audit report’s opinion letters to show that it successfully completed a SOC 2 audit. This Seal of Excellence can be placed on your company’s website or marketing material to show your customers that you are a trusted and reliable company.
The I.S. Partners SOC 2 Seal of Excellence
I.S. Partners, LLC is the first and only firm with the “seal of excellence” that is granted to SOC 2 Type I and II recipients with unqualified audit opinions. The SOC 2 seal is granted in accordance with TSP Section 100, Trust Services Principles, Criteria, and Illustrations for Security, Availability, Processing Integrity, Confidentiality, and Privacy to Type I and Type II recipients with unqualified audit opinions.
