SOC 2 Reports

What is a SOC 2 Report?

SOC 2 Reports on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality and Privacy. SOC 2 reports are examination engagements performed by a service auditor (CPA) in accordance with AT-C, using the predefined criteria in TSP section 100, Trust Services Principles, Criteria, and Illustrations for Security, Availability, Processing Integrity, Confidentiality, and Privacy. SOC 2 reports specifically address one or more of the following five key system attributes:

Security
The system is protected against unauthorized access (both physical and logical);

Availability
The system is available for operation and use as committed or agreed;

Processing Integrity
System processing is complete, accurate, timely and authorized;

Confidentiality
Information designated as confidential is protected as committed or agreed;

Privacy
Personal information is collected, used, retained, disclosed and disposed of in conformity with the commitments in the entity’s privacy notice, and with criteria set forth in Generally Accepted Privacy Principles (GAPP) issued by the AICPA and Canadian Institute of Chartered Accountants.

Use of a SOC 2 report is generally restricted.

Why Should You Pick Arnett Carbis Toothman LLP (ACT) to Perform Your SOC 2 Audit?

Credentialed & Seasoned Professionals - Our professionals possess excellent credentials for SSAE 18 and technology-based engagements, including the following examples:

  • Certified Public Accountant (CPA)
  • Certified Information Systems Auditor (CISA)
  • Certified in Risk Information Systems Control (CRISC)
  • Certified Information Technology Professional (CITP)

The CISA Advantage

A CISA has demonstrated an understanding of each phase of the systems development life cycle, met experience requirements, and maintains a high level of required continuing education. The depth of understanding of information systems places a CISA as a highly qualified information systems consultant and auditor.

Arnett Carbis Toothman LLP's consulting service teams contain a wealth of experience in multiple industries. Our teams are results-driven and seek long-term solutions to the challenges facing businesses today.

Contact an ACT Advisor

For more information, contact your Arnett Carbis Toothman advisor or one of these trusted advisors.

G. Lane Ellis CPA, CISA, CVA, ABV, CGMA lane.ellis@actcpas.com
Chris Joseph CPA, CISA, CRISC, CITP chris.joseph@actcpas.com
Lisa Stover CPA, CITP, CISA, CGMA lisa.stover@actcpas.com