Quick Links

Legal & Sitemap

Home > Services > Consulting > SOC Compliance

SOC Compliance


soc-complianceThe standard for outsourced processes includes three separate types of Service Organization Control (SOC) reports that address assurance for service organizations. For each type of SOC report, there is an accepted professional standard under which the audit will be performed. This allows for a common nomenclature when referring to reports going forward while allowing for a more frequent update of the professional standards.

Generally speaking, companies determine which type of report is most appropriate based on whether or not the services they provide to customers impact their financial reporting. An SOC 2 report is considered narrower in scope, to be distributed only to customers and their auditors. The SOC 3 report is one you might see on a vendor’s website to support its declarations of compliance.

As your change agent, Armanino leads you through the SOC readiness and audit processes. Our team of dedicated and deeply experienced professionals can help you identify gaps in your controls and have you ready to begin your audit process in as little as 6 weeks. Our speed to value continues through the audit and results in a report that is issued within 45 days of your audit period ending. This allows you to have your SOC report into your clients’ hands quickly and well ahead of your competitors. As you repeat the SOC audit every six months or annually, Armanino will remain your partner in streamlining and continuous optimization of the process.


Vendor SOC Audits Are Critical for Hybrid Cloud Users

As companies move to the hybrid cloud, they must make sure their cloud vendors are following secure procedures for the services they provide.

FASB Delays Landmark Revenue Recognition Standard

On July 9, 2015, the FASB officially deferred implementation of the landmark global revenue recognition accounting standard by one year; IASB followed suit on Jul ...

Leveraging SOC Reporting to Build Customer Confidence

SOC compliance requires time and effort, but it also provides an opportunity for service organizations to differentiate themselves in their marketplace.

Changes to the SAS 70 Landscape

The American Institute of CPAs (AICPA) recently issued the new controls auditing standards that build on and replace the almost twenty-year-old SAS 70 standards and will affect reports issued after June 15, 2011.

Five Keys to Success for Your SAS 70 Project

A SAS 70 project requires careful planning, execution and communication between the company and the SAS 70 consultant. Since another company’s auditors will be relying on the SAS 70 report generated, getting it ...

Our Team