Service Organization Control Attestation Services

Providing confidence and trust to your customers and their auditors
Service organizations of all sizes can demonstrate their commitment to internal controls by proactively obtaining a Service Organization Control (SOC) attestation report. A successful SOC attest report helps to convince customers that controls and processes are functioning as designed and is crucial to remaining competitive in an increasingly crowded marketplace.

There have been numerous adjustments to SOC engagements and standards following the recent change from the Statement on Auditing Standards No. 70 (SAS 70) standards to the Statement on Standards for Attestation Engagements No. 16 (SSAE 16). The changes resulted in the following reporting options to inform your users regarding your controls and processes:

• The SOC 1 report focuses on the controls relevant to a user entity's financial statements, and the use of the report continues to be restricted to the user entity and their financial statement auditor
• The SOC 2 and SOC 3 reports focus on controls relevant to security, availability, processing integrity, confidentiality and privacy

How we can help
Our structure of local dedicated SOC team members reporting up to the national practice provides a boutique-firm focus with a national reach across a wide variety of industries.

Our SOC professionals – who are experienced in information systems, financial reporting processes and your specific industry – help ensure that the proper focus is placed upon relevant controls and processes.

Our proprietary methodology and SOC-specific software drives an efficient delivery of the SOC process. It also helps ensure consistent application of AICPA standards.

For more information, read about the SOC consulting services provided by McGladrey.

Current Thinking and Insight