- Our Firm
- Tax & Accounting
- Audit & Attestation
- Our Specialties
- Resources & Insights
- Contact Us
- Client Login
Let’s Work Together
Get In Touch
Contact our experts for more information about SOC reports and our services.
Need Help Determining the Right SOC Report for Your Company?
SOC engagements have become the industry standard for examining, assessing, and reporting on controls. HAC takes this standard very seriously and aims to continually position itself as the premier provider of quality SOC reports for service organizations who aim to deliver assurance about system controls to its users and their discerning auditors.
Learn about the different types of SOC reports to determine which report is best for your company.
SOC 1® Reports
SOC 1® is a restricted use report on a service organization’s description of its internal controls over financial reporting. The report includes a detailed description of the service organization’s system, the service auditor’s opinion on the fairness of the description, suitability of design, depending on the type of SOC 1® report, the operating effectiveness of controls for the reporting period.
SSAE 16 is a common reference for this report, however it was replaced with SSAE 18 effective as of May 1, 2017.
SOC 2® Reports
SOC 2® is designed to provide management of a service organization, user entities, and other specified parties with information and a CPA’s opinion about controls at the service organization relevant to the security, availability, or processing integrity of a service organization’s system or the confidentiality or privacy of the information processed by that system.
The report includes a detailed description of the service organization’s system, the service auditor’s opinion on the fairness of the description, suitability of design of the controls to meet the applicable trust services criteria, and in a type 2 report, the operating effectiveness of controls for the reporting period.
SOC for Cybersecurity
A reporting framework through which organizations can communicate relevant useful about the effectiveness of their cybersecurity risk management program and CPAs can report on such information to meet the cybersecurity information needs of a brand range of stakeholders.
Remain informed and connected. Follow us and join our mailing list.
Hancock Askew & Co, LLP is committed to complying with the Americans with Disabilities Act (ADA) and Web Content Accessibility Guidelines (WCAG 2.0 AA). For more information or if you need assistance, please contact email@example.com.