The Nuts and Bolts of a SOC Report

In our interconnected digital world, safeguarding sensitive information and maintaining robust data security practices is at the forefront of business operations. One of the most important tools for achieving this is a System and Organization Controls (SOC) report, which provides a clear assessment of an organization’s control environment regarding data security, availability, processing integrity, confidentiality, … Continued

SOC Reports: Back to the Basics

Our site is full of complex information about SOC reports. However, sometimes it is good to go back to the basics. Especially for readers who are just learning about SOC reports and thier benefits. What exactly is a SOC report? And why is it important? In simple words, a SOC report is a document that … Continued

SOC Reports: The Basics & Getting Started

Companies and service organizations often feel overwhelmed when it comes to learning about SOC reports. This is understandable and it is important to do as much research as possible before selecting a team to work with and embarking on the SOC report journey. In this blog, we will cover some basics about SOC reports, and … Continued

Who MUST sign off on a SOC report and why?

Those needing a SOC Report have more places than ever to turn to for assistance. But not all SOC providers are created equal. Before you embark on the search for the right provider for your company or organization, there is one critical fact about the entire process to keep in mind. Not just anyone can … Continued

Understanding the Auditor Opinions Issued in SOC Reports

The deliverable given to an organization at the conclusion of the SOC Report timeframe covers many elements. Among the most important information within the report is the auditor’s opinion. This supplies the organization with the overall belief of the auditor, after they have reviewed all findings. In this blog, let’s look at those opinions and … Continued

Timing is everything: Why a SOC Report can’t be rushed

By: Pete Rife, CISA, CISSP, CDPSE, ISO 27001 Lead Auditor We often receive inquiries for SOC2 audits and the person needing a SOC2 report is hoping to have it completed as quickly as possible. The issue is almost always is a vital relationship with an important client or an opportunity to sign up a new … Continued


Holbrook & Manter, CPAs(H&M), a professional services firm with over 100 years of market presence, and Blair Carlisle, a cutting-edge global leader in cybersecurity, risk, and compliance consulting services, are joining forces. The entities will work together to serve the needs of organizations seeking cybersecurity risk and compliance services. The H&M and Blair Carlisle teams … Continued

H&M’s Pete Rife contributes to Allinial Global blog about SOC

What does it take to build and grow a successful SOC practice? This is the question that Allinial Global President and SEO Mark Koziel set out to answer in his latest blog. Pete Rife, CISA, CISSP, H&M’s Director of IT Audit served as a source for this piece. You can read it here: Allinial Global … Continued

The Power of Completing a SOC 2 Report

You and your organization are now on the other side of having a SOC 2 audit performed, and you have your final report in your hand.   Congratulations!  You’re SOC 2 Certified!  (Technically, there is no such thing as SOC 2 Certified – completing a SOC examination isn’t a Certification, but rather an “Attestation”)  Your report … Continued

Preparing For A SOC 2 Audit

A well-executed SOC 2 is designed to inspire stakeholder confidence. With adequate preparation, you can ensure the entire process is simplified & successful!