Strengthen your customer’s confidence in your service organization.

While a SOC 1 Report revolves around financial reporting controls, a SOC 2 Report (System and Organization Controls 2 Report) focuses on non-financial controls relevant to the AICPA Categories:

  • Security
  • Availability
  • Processing Integrity
  • Confidentiality
  • Privacy

A SOC 2 is designed for service providers — such as Enterprise IT Outsourcing Services, Managed Security, Customer Support, Healthcare Claims Management & Processing, and FinTech Services —  to share information with their clients about the effectiveness of their controls related to operations

Our SOC 2 Services

This overview is designed to help the service organization prepare for the examination by identifying deficiencies, gaps, and other potential red flags, along with coaching so management can understand their options to repair them.

A SOC 2 Type 1 Report expresses an opinion on the system description and the design of controls placed into operating as of a point in time. Simply put, this report tells your clients, prospective clients, and their auditors that you accurately represented the description of your system of control and describes the controls related to the AICPA Categories that have been placed into operation as of a point in time to meet your service requirements.

A SOC 2 Type 2 Report expresses an opinion on the system description, the design of controls placed into operation and also includes whether controls operated effectively throughout a historical period of time. This is typically a twelve month period. Thus, in addition to what a Type 1 Report addresses, this report incorporates an additional step that 360 Advanced tested the controls and shares the results of those tests.

Learn more about SOC Reports with our free guide.

See what our clients are saying about us.

You deserve a conversation, not a questionnaire.

We build long-term relationships through trust and value. If you’re looking for a trusted business advisor to build your holistic compliance strategy, let’s chat!