SOC2 and SOC3 engagements are based on pre-defined control objectives established by the AICPA and CICA in the "Trust Services Principles and Criteria" (TSPC) framework. The TSPC are highly technical in nature and require significant information technology expertise to test.
When it comes to getting you ready for your SOC 2 and SOC 3 reports, you can partner with CompliancePoint to get the expertise you need.
We can support you through the entire life cycle of SOC compliance.
Our readiness assessments are designed to assist in assessing your level of preparedness for a SOC 2 (Type 1 or 2) or SOC 3 audit. These are designed to identify those controls based on the AICPA Trust Services and Principles Criteria, which should be implemented prior to an actual audit.
After the Readiness Report is completed, we provide specific steps for improving the overall control environment that meets the SOC requirements. This includes clear communication of the strengths and weaknesses in the current control structure and guidance on remediation of any gaps identified.
Finally, through our partnerships with certified CPA firms, we can provide attestation to validate your compliance with SOC 2 or SOC 3 compliance.
Our assessors and consultants are experts in the focus areas as they pertain to SOC 2 & SOC 3 compliance.