SOC 1 Reports: How Can They Benefit Your ERISA Plan?

SSAE 16 or SOC reports are typically used by auditors in order to support tasks that have been outsourced by their clients.  However, these reports, which document the controls and results of control testing at a service organization, can be utilized by plan administrators to enhance existing controls and mitigate risks surrounding their ERISA plans.  While these services have been outsourced, plan administrators still have a fiduciary duty to all plan participants to establish effective controls over these functions in order to protect plan assets.  Specifically, an entity will want to utilize a SOC 1 or 2 report.  By obtaining and reading these reports, plan administrators can:

  • Learn about the various controls in place at a service organization and if those controls are operating effectively
  • Assess the risk of gaps occurring between the controls in place at the service organization and the controls in place at their company
  • Determine complimentary controls needed at the company level to mitigate existing risk or to eliminate gaps in controls
  • Gain insight into any potential fraud exposure that an entity may be exposed to by the service organization

By obtaining and reviewing these reports on an annual basis, plan administrators can ensure that it is proactively analyzing risk and adjusting controls when necessary to mitigate risks.  If you have any questions regarding SOC reports, please contact a member of the Schneider Downs team for more information.

© 2014 Schneider Downs. All rights-reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.

This advice is not intended or written to be used for, and it cannot be used for, the purpose of avoiding any federal tax penalties that may be imposed, or for promoting, marketing or recommending to another person, any tax related matter.

our thoughts on

array(2) { [0]=> string(2) "40" [1]=> string(2) "14" }
ERISA BY Brian Reitz
Bad Fiduciary. What’s it Going to Cost You?
Audit, ERISA BY Joshua Zimmerly
Benefit Plan Audit by Infomercial
Five Questions to Assist With Identifying SOC Report Scope
SOC 2 Reports: Common Control Exceptions and How to Avoid Them
Audit, ERISA BY Todd Lucas
Long-Awaited Employee Benefit Plan Audit Standard Final Balloted
Making Your Benefit Plan Audit Easier

Register to receive our weekly newsletter with our most recent columns and insights.

Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us

contact us

Map of Pittsburgh Office

One PPG Place, Suite 1700
Pittsburgh, PA 15222
p:412.261.3644     f:412.261.4876

Map of Columbus Office

65 East State Street, Suite 2000
Columbus, OH 43215
p:614.621.4060     f:614.621.4062