SOC 2 reports are designed to provide detailed information and assurance attesting that the controls at your organization are consistent with one or more of the 5 Trust Service Criteria established by the AICPA: Security, Availability, Processing Integrity, Confidentiality, and Privacy. A successful SOC 2 examination can help you quickly satisfy contractual obligations and reduce audit requests, streamline vendor questionnaire processes, and separate you from your competitors.
A SOC 2 attestation carefully examines your controls against the AICPA’s Trust Services Criteria, which aligns with a number of key security and privacy frameworks and regulations, so preparation is critical.
Ready for your 2019 examination? So are we. The experience and unique expertise of our team allows us to streamline your examination, so we can deliver an insightful report quickly and efficiently.
As regulations like the GDPR and CCPA arise, audit requests become a bigger burden. To help you streamline these efforts, we can pair your SOC 2 examination with a HITRUST CSF assessment, using guidance from the AICPA and HITRUST.
A SOC 3 report is simply an abbreviated version of a SOC 2 report and can be shared freely. Focal Point can provide a SOC 3 report along with your SOC 2 attestation to help you to generate positive publicity around a successful examination.
SOC 2 examinations are split into two distinct report types: Type 1 and Type 2. A Type 1 report assesses the description of your system, as well as the suitability of your control design as of a specific point in time. A Type 2 report tests the operating effectiveness of your controls to determine if they are supporting your control objectives over a period of time. While the two are very similar, a Type 2 report also includes an opinion on the effectiveness of your controls and a detailed description of our testing procedures and results.
Burke & Associates CPAs, LLP d/b/a Focal Point Data Risk Assurance (“Focal Point Assurance”) is a partner-owned, independent CPA firm licensed in Florida that performs audit, review and other attest services to clients in a variety of sectors. Focal Point Assurance operates in an alternative practice structure with Focal Point Data Risk, LLC, a professional services firm. Through separate and independent legal entities, Focal Point Assurance and Focal Point Data Risk, LLC work closely together to serve clients’ business needs. Focal Point Data Risk, LLC and its affiliated advisory companies are not licensed CPA firms. Focal Point Assurance and Focal Point Data Risk, LLC are member firms of Focal Point, an affiliation of separate and independent legal professional services firms. “Focal Point” is the brand name for the Focal Point network. Any services described herein are provided by Focal Point Assurance or Focal Point Data Risk, LLC (as the case may be) and not by any other member firm of Focal Point. No member firm of Focal Point has any liability for services provided by other member firms.