SOC Reports: The Basics & Getting Started

Companies and service organizations often feel overwhelmed when it comes to learning about SOC reports. This is understandable and it is important to do as much research as possible before selecting a team to work with and embarking on the SOC report journey. In this blog, we will cover some basics about SOC reports, and … Continued

Who MUST sign off on a SOC report and why?

Those needing a SOC Report have more places than ever to turn to for assistance. But not all SOC providers are created equal. Before you embark on the search for the right provider for your company or organization, there is one critical fact about the entire process to keep in mind. Not just anyone can … Continued

Understanding the Auditor Opinions Issued in SOC Reports

The deliverable given to an organization at the conclusion of the SOC Report timeframe covers many elements. Among the most important information within the report is the auditor’s opinion. This supplies the organization with the overall belief of the auditor, after they have reviewed all findings. In this blog, let’s look at those opinions and … Continued

Timing is everything: Why a SOC Report can’t be rushed

By: Pete Rife, CISA, CISSP, CDPSE, ISO 27001 Lead Auditor We often receive inquiries for SOC2 audits and the person needing a SOC2 report is hoping to have it completed as quickly as possible. The issue is almost always is a vital relationship with an important client or an opportunity to sign up a new … Continued


Holbrook & Manter, CPAs(H&M), a professional services firm with over 100 years of market presence, and Blair Carlisle, a cutting-edge global leader in cybersecurity, risk, and compliance consulting services, are joining forces. The entities will work together to serve the needs of organizations seeking cybersecurity risk and compliance services. The H&M and Blair Carlisle teams … Continued

H&M’s Pete Rife contributes to Allinial Global blog about SOC

What does it take to build and grow a successful SOC practice? This is the question that Allinial Global President and SEO Mark Koziel set out to answer in his latest blog. Pete Rife, CISA, CISSP, H&M’s Director of IT Audit served as a source for this piece. You can read it here: Allinial Global … Continued

The Power of Completing a SOC 2 Report

You and your organization are now on the other side of having a SOC 2 audit performed, and you have your final report in your hand.   Congratulations!  You’re SOC 2 Certified!  (Technically, there is no such thing as SOC 2 Certified – completing a SOC examination isn’t a Certification, but rather an “Attestation”)  Your report … Continued

Preparing For A SOC 2 Audit

A well-executed SOC 2 is designed to inspire stakeholder confidence. With adequate preparation, you can ensure the entire process is simplified & successful!

How the Coronavirus Pandemic May Affect Your SOC 1 or SOC 2 Audit

By: Pete Rife, CISSP, CISA- Director of IT Risk Advisory The coronavirus pandemic is having a dramatic effect on companies large and small across the world and is having a significant impact on how many service companies deliver their services.  The CDC recommendation for social distancing is driving many employers to direct their employees to … Continued

TPAs & The SOC 1 Audit

 By: Mark Welp, CPA, CFE, MAcc- Principal, Audit & Assurance Why Third Party Administrators Should Consider a SOC 1 Report When it comes to the type of organization that makes a good candidate for a SOC 1 Report, Third Party Administrators, also known as TPAs, truly fit the bill. What exactly is a TPA? … Continued