SOC 1 Examinations

Primary Contact: Eric M. Wright CPA, CITP

SOC 1 - Report on Controls at a Service Organization Relevant to User Entities' Internal Control over Financial Reporting (ICFR).  

SOC 1 examinations focus on an organization’s business processes and IT controls and are specifically designed to meet the needs of entities that use service organizations and their external auditors as they evaluate the effect of the controls at the service organization on user entities’ financial statements. Use of these reports is restricted to the management of the service organization, user entities and user auditors.

Types of SOC 1 Engagements

Readiness Assessment - these reviews are designed to assist service organizations in assessing their preparedness for a SOC 1 examination. Readiness Assessments are non-attest consulting engagements designed to identify gaps in controls and advise the service organization of necessary corrective actions in preparation for the SOC examination. Schneider Downs works closely with the service organization to ensure mutual agreement on the control objectives and risks significant to user organizations.

Type 1 - reports on fairness of the presentation of management’s description of the service organization’s system and the suitability of the design of the controls to achieve the related control objectives included in the description as of a specified date. The SOC 1 Type 1 may be beneficial for organizations that have never completed an examination, since it assesses the design of controls at a specified date.

Type 2 - reports on fairness of the presentation of management’s description of the service organization’s system and the suitability of the design and operating effectiveness of the controls to achieve the related control objectives included in the description throughout the specified period. The SOC 1 Type 2 examination is typically suggested for organizations that have been through a readiness assessment or previously completed a Type 1 examination, since it assesses both the design and operating effectiveness of controls over a period of time.

Additional SOC Services

SOC Resources

About Schneider Downs SOC Services

Schneider Downs employs a unique approach to SOC reports, integrating the expertise of information technology, internal audit and external audit professionals. By combining cross-disciplinary knowledge and project management expertise, we are able to effectively deliver on our clients' expectations. If you are interested in learning how we can assist your organization, please contact us to get started or learn more about our practice at www.schneiderdowns.com/soc.

Does your organization need a system and organization controls (SOC) report?

case studies

 
Let’s discuss preventing ransomware attacks on your company. Email me directly <a href='mailto:twarren@schneiderdowns.com?cc=contactSD@schneiderdowns.com'>here</a>.
big problem:
Let’s discuss preventing ransomware attacks on your company. Email me directly here.
big thinking:
Company impacted by ransomware.
 
Let’s discuss opportunities to reduce your company’s tax burden. Email me directly <a href='mailto:dmorally@schneiderdowns.com?cc=contactSD@schneiderdowns.com'>here</a>.
big problem:
Let’s discuss opportunities to reduce your company’s tax burden. Email me directly here.
big thinking:
Inefficient tax credit realization.

our thoughts on

Individual Tax Filing Season to Begin January 24

Learn more about US individual tax filing season beginning when the agency starts accepting and processing 2021 tax returns on January 24, 2022.

read more >

New Pennsylvania Electronic Payment Requirements for Personal Tax Payments Greater than $15,000 Beginning January 1, 2022.

Learn more about the January 1, 2022 requirement that personal income tax payments equal to or greater than $15,000 must be paid electronically.

read more >

Schneider Downs Trucking Industry Whitepaper Series Update

Explore critical topics facing the trucking industry in our State of the Industry whitepaper series from Schneider Downs and the Ohio Trucking Association.

read more >

Apache Log4j Vulnerability Update – Government Responses and Ransomware Activity

The article provides a comprehensive update on government responses and ransomware activity associated with the Apache Log4j vulnerability.

read more >

Apache Log4j Vulnerability Update

Learn more about the Apache Log4j remote code execution vulnerability and why this is already regarded as one of worst software flaws in years.

read more >
contact us

contact us