The F&D Process, Risk & Governance (PRG) Practice Group provides customized risk management solutions to improve efficiency and add value. We deliver assurance and consulting services to clients large and small and also have extensive expertise in IT risk management.
A Service Organization Controls (SOC) examination helps service organizations identify and enhance a competitive edge. A SOC examination (formerly SAS 70) proves your commitment to maintaining internal controls by providing third-party attestation to the reliability of the design, implementation and operating effectiveness of your controls. A SOC examination can reduce impact on your internal resources by minimizing the need for external audits and can identify improvements to strengthen your operations.
Learn the differences between a SOC 1 and SOC 2 report, as well as how to choose which is right for your organization. Plus, get insights into the trust principals that are the basis for SOC reporting, such as data privacy.
From our Culture of Compliance podcast, SOC 2 experts of Frazier & Deeter’s own Process, Risk & Governance practice walkthrough the reporting changes.
Learn about the challenges and advantages of the updated “Common Criteria” for SOC 2 reporting, including the Trust Services Principles and Criteria related to Security, Availability, Processing Integrity, Confidentiality and/or Privacy.
As new risks emerge, the American Institute of Certified Public Accountants (AICPA) continues to adapt the standards by which service organizations must address the changing risk landscape. Read more to learn about recent changes.