, the leading provider of information security products and services, has partnered with US-based CPA firm SSAE16 Professionals
to help organisations prepare for and pass a SOC audit.
The partnership is designed to help service organisations with SOC 2 and SOC 3 audit preparation and readiness assessments, delivered by IT Governance’s specialist information security assurance team, alongside the audit reporting and audit completion, delivered by licensed CPA firm SSAE16 Professionals.
Alan Calder, founder and executive chairman of IT Governance, says: “As a major provider of cyber security and information security management expertise, we are delighted that, in conjunction with our partner SSAE16 Professionals, we are able to help our clients prepare and successfully pass the grueling SOC 2 and 3 audits often demanded of US-based organisations, or those companies wishing to do business with clients in the USA or multinationals.
“This partnership enables our clients to undergo the full SOC audit process – being fully prepared – and at a fraction of the cost of that charged by the Big Four audit firms, by virtue of the fact that SSAE16 Professionals is able to conduct the entire audit remotely.”
To meet the requirements of a SOC 2 or 3 audit, organisations need to provide information on non-financial controls that affect data security, privacy, availability, confidentiality and processing integrity.
IT Governance’s SOC audit service
is designed to help service organisations lay the groundwork for a successful SOC 2 or 3 audit by helping them implement and maintain the necessary controls to achieve a successful audit. The audit reports on procedures and controls for operations and monitoring, physical security, procedures and controls for back-up, disaster recovery plans, and procedures and controls for physical and logical access to facilities.
Based on either an ISAE 3402 or SSAE 16 audit, a successful SOC report enables service organisations to partner with a tier one institution without having to undergo extensive due diligence. The report consists of a detailed analysis of the internal management processes and controls that the service organisation employs.
Furthermore, SOC 2 and 3 reports demonstrate an organisation’s commitment to system availability and appropriate data handling.
For more information about IT Governance’s SOC audit preparation service
, please visit our website
, contact our consultancy team directly at firstname.lastname@example.org
or call us on +44 (0) 845 070 1750.