SOC Reports 101
Depending on the intended purpose, there are three types of SOC reports that can be issued to a service organization by a service auditor: SOC 1, SOC 2, and SOC 3. The following provides a general explanation of each report, as described in the SOC 2 User Guide published by ISACA: SOC 1—Report on Controls at a Service Organization Relevant to User Entities’ Internal Control over Financial...
Read MoreSOC 1, 2, 3: What is the AICPA Trying to Do to Us?
This is a follow-up post to one last month on the differences between the three different types of SOC reports. Attached is a presentation our firm gave at the recent Rocky Mountain Accounting Conference held on September 20, 2012. The presentation is in Apple’s...
Read MoreAICPA SSAE 16 Report Comparison – SOC 1 vs. SOC 2 vs. SOC 3
The American Institute of Certified Public Accountants (AICPA) recently developed a Service Organization Control (SOC) Toolkit for firms that perform SOC engagements and their clients. The toolkit was developed to help firms navigate this emerging service area and help clients, prospects and service organizations understand the benefits of SOC engagements. The toolkit includes a number of free...
Read MoreAICPA Surrenders to the CICA
The American Institute of Certified Public Accountants (AICPA) has officially surrendered to the Canadian Institute of Chartered Accountants (CICA). That’s right surrendered. Did you know that if you want a SOC 3 audit report, prepared using the guidance issued from the AICPA, you have to be licensed by the CICA? Sound crazy? It is… Did you also know that almost no one at...
Read MoreSAS 70, SSAE 16, AT 101, SOC 1, 2, 3, SysTrust and WebTrust. Good Luck.
Recently, the AICPA has started referring to SSAE 16 reports as SOC 1 reports. SOC stands for service organization control reports. Not to be confused with SOX, which most know is an acronym for the Sarbanes-Oxley Act of 2002. In any case, the AICPA is trying to simplify the many different types of reports service organizations can receive by using the terms SOC 1, 2, and 3 in addition to...
Read MoreAbout Linford & Company
We are specialists in the performance of SSAE 16/SOC 1, SOC 2, royalty, and HIPAA/HITECH compliance audits across technical disciplines. We issue SSAE 16/SOC 1 and SOC 2 reports for a wide variety of service organizations that go to many of the largest user organizations in the world. We perform royalty audits on some of the largest consumer brands in the world. Our healthcare team has provided HIPAA/HITECH compliance audits to both covered entities (e.g., hospitals, dental practice groups, etc.) and business associates (e.g., IaaS, PaaS and SaaS, among others).
 |
Follow us on our blog where we provide information about our firm, insight on guidance relevant to our services. |
 |
Subscribe to our newsletter. |
 |
Follow us on Facebook! |
 |
Connect with us on LinkedIn! |