AICPA SOC for Cybersecurity

Demonstrate the strength of your cybersecurity program to your board, your clients, and potential investors.
What is the AICPA SOC for Cybersecurity?

What is the SOC for Cybersecurity?

Unlike a SOC 1 or SOC 2 examination, the SOC for Cybersecurity is designed to be a communication tool to drive executive-level conversations around cyber risk management. A successful SOC for Cybersecurity examination provides company leadership, board members, and investors with the confidence that your cybersecurity program is aligned with industry standards and equips them with the insight they need to make key business decisions.

Learn More

SOC for Cybersecurity Services

For these types of examinations, Focal Point pairs the experience of our CPA team with the expertise of our cybersecurity specialists to provide you with an insightful report that allows your organization to make smart cyber risk management decisions.

Readiness Assessment

Preparing for a SOC for Cybersecurity is an excellent opportunity to evaluate the effectiveness of the processes, policies, and technologies within your cybersecurity program and identify opportunities for improvement.

Contact Us
01 Assess Program
02 Evaluate Processes
03 Improve Controls

SOC for Cybersecurity

When you’re ready, Focal Point will perform an expert examination of your enterprise cybersecurity program. The resulting report will clearly demonstrate to your organization’s leadership the effectiveness of your cybersecurity program.

Contact Us
01 Expert Examination
02 Compliant Program
03 Report for Leadership

SOC Examinations

In addition to the SOC for Cybersecurity, Focal Point also provides readiness assessment and examination services to companies interested in pursuing SOC 1, 2, 2+, and/or 3 reports.

Learn More
01 SOC 1 Reports
02 SOC 2 & 3 Reports
03 SOC 2 + HITRUST Reports
Choosing the Right Report

Choosing the Right Report

While SOC for Cybersecurity and SOC 2 examinations both have a focus on data security and privacy, these are two distinct reports. The scope of a SOC for Cybersecurity is your enterprise cybersecurity program, and the examination is based on the AICPA’s Description Criteria and either the AICPA Trust Services Criteria, NIST 800-53 framework, or ISO 27001. A SOC for Cybersecurity is an excellent tool for communicating with your executive team, and informing your board, investors, and C-suite on the effectiveness of your program.

Learn More

The Focal Point Difference

At Focal Point, we take a different approach to managing cyber risk.

Cybersecurity Expertise

Focal Point is more than a CPA firm. We have the cybersecurity experts you need to evaluate your program and identify opportunities for improvement.

Compliance Knowledge

Focal Point specializes in the frameworks that make up the foundation of the AICPA's SOC for Cybersecurity. Our experts have hands-on experience working with NIST 800-53, ISO 27000, and more.

Diverse Team

We're not a team of accountants evaluating cybersecurity. Our team is made up of cybersecurity, data privacy, audit, and IT experts who can evaluate your program from every angle.
Have a question?

Contact Us

Focal Point is excited to take on your biggest data risk challenges. If you'd like to speak to a Focal Point expert or inquire about our services, please fill out the following form.

Burke & Associates CPAs, LLP d/b/a Focal Point Data Risk Assurance (“Focal Point Assurance”) is a partner-owned, independent CPA firm licensed in Florida that performs audit, review and other attest services to clients in a variety of sectors.  Focal Point Assurance operates in an alternative practice structure with Focal Point Data Risk, LLC, a professional services firm.  Through separate and independent legal entities, Focal Point Assurance and Focal Point Data Risk, LLC work closely together to serve clients’ business needs.  Focal Point Data Risk, LLC and its affiliated advisory companies are not licensed CPA firms.  Focal Point Assurance and Focal Point Data Risk, LLC are member firms of Focal Point, an affiliation of separate and independent legal professional services firms.  “Focal Point” is the brand name for the Focal Point network.  Any services described herein are provided by Focal Point Assurance or Focal Point Data Risk, LLC (as the case may be) and not by any other member firm of Focal Point.  No member firm of Focal Point has any liability for services provided by other member firms.