H&M’s Pete Rife contributes to Allinial Global blog about SOC

What does it take to build and grow a successful SOC practice? This is the question that Allinial Global President and SEO Mark Koziel set out to answer in his latest blog. Pete Rife, CISA, CISSP, H&M’s Director of IT Audit served as a source for this piece. You can read it here: Allinial Global … Continued

The Power of Completing a SOC 2 Report

You and your organization are now on the other side of having a SOC 2 audit performed, and you have your final report in your hand.   Congratulations!  You’re SOC 2 Certified!  (Technically, there is no such thing as SOC 2 Certified – completing a SOC examination isn’t a Certification, but rather an “Attestation”)  Your report … Continued

Preparing For A SOC 2 Audit

A well-executed SOC 2 is designed to inspire stakeholder confidence. With adequate preparation, you can ensure the entire process is simplified & successful!

How the Coronavirus Pandemic May Affect Your SOC 1 or SOC 2 Audit

By: Pete Rife, CISSP, CISA- Director of IT Risk Advisory The coronavirus pandemic is having a dramatic effect on companies large and small across the world and is having a significant impact on how many service companies deliver their services.  The CDC recommendation for social distancing is driving many employers to direct their employees to … Continued

TPAs & The SOC 1 Audit

 By: Mark Welp, CPA, CFE, MAcc- Principal, Audit & Assurance Why Third Party Administrators Should Consider a SOC 1 Report When it comes to the type of organization that makes a good candidate for a SOC 1 Report, Third Party Administrators, also known as TPAs, truly fit the bill. What exactly is a TPA? … Continued

SOC 1 vs. SOC 2

Distinguishing the Benefits, Features & Target Audiences of These SOC Compliance Reports As System and Organization Control audits (SOC) are increasingly becoming a requirement to keep and engage new customers, many service companies struggle to determine whether a SOC 1 or SOC 2 audit is the right fit. Procedurally, these audit exercises are largely the … Continued

Which SOC Report do I need, and why?

Service organization control (SOC) reports come in several varieties. The best part? You don’t need to pass the CPA Exam to figure out which one you may need. They generally pertain to service organizations, like retirement plan record-keepers or third party administrators (TPAs). The American Institute of Certified Public Accountants (AICPA) determines the scope of … Continued


How the EU’s General Data Protection Regulation Can Prepare a Website for a SOC Cybersecurity Audit The European Union recently implemented its General Data Protection Regulation and, if you’re involved in the data privacy sector, you’ve almost certainly heard the term GDPR all too often within the past few months. The European-based regulations have international … Continued

Becoming Familiar with the SOC for Cybersecurity Report

We continue to learn more about the newest type of SOC Report- the SOC for Cybersecurity Report. The existence of this new report is a great thing, as the need for organizations to show that they are keeping a pulse on security threats continues to grow by the day. It has never been more important … Continued

Which SOC Report is right for you?

Which SOC Report is right for you? Wrapping your mind around the importance and many benefits of a SOC Report can be challenging. Understanding which SOC Report is right for your organization can also be confusing. Our hope is that our site makes you understand the different reports a bit better, but when in doubt- … Continued