TPAs & The SOC 1 Audit

 By: Mark Welp, CPA, CFE, MAcc- Principal, Audit & Assurance Why Third Party Administrators Should Consider a SOC 1 Report When it comes to the type of organization that makes a good candidate for a SOC 1 Report, Third Party Administrators, also known as TPAs, truly fit the bill. What exactly is a TPA? … Continued

SOC 1 vs. SOC 2

Distinguishing the Benefits, Features & Target Audiences of These SOC Compliance Reports As System and Organization Control audits (SOC) are increasingly becoming a requirement to keep and engage new customers, many service companies struggle to determine whether a SOC 1 or SOC 2 audit is the right fit. Procedurally, these audit exercises are largely the … Continued

Which SOC Report do I need, and why?

Service organization control (SOC) reports come in several varieties. The best part? You don’t need to pass the CPA Exam to figure out which one you may need. They generally pertain to service organizations, like retirement plan record-keepers or third party administrators (TPAs). The American Institute of Certified Public Accountants (AICPA) determines the scope of … Continued


How the EU’s General Data Protection Regulation Can Prepare a Website for a SOC Cybersecurity Audit The European Union recently implemented its General Data Protection Regulation and, if you’re involved in the data privacy sector, you’ve almost certainly heard the term GDPR all too often within the past few months. The European-based regulations have international … Continued

Becoming Familiar with the SOC for Cybersecurity Report

We continue to learn more about the newest type of SOC Report- the SOC for Cybersecurity Report. The existence of this new report is a great thing, as the need for organizations to show that they are keeping a pulse on security threats continues to grow by the day. It has never been more important … Continued

Which SOC Report is right for you?

Which SOC Report is right for you? Wrapping your mind around the importance and many benefits of a SOC Report can be challenging. Understanding which SOC Report is right for your organization can also be confusing. Our hope is that our site makes you understand the different reports a bit better, but when in doubt- … Continued

The SOC for Cybersecurity Report: Who Should be Taking a Closer Look?

The types of SOC Reports available to service organizations continues to grow. It is exciting to see. The various types of examinations that can be performed in the name of getting a true grasp of the control environment makes it easier for an entity to try and mitigate risk. The newest report to become available … Continued

A Closer Look at a Common Cybersecurity Scam

A Closer Look at a Common Cybersecurity Scam By: Pete Rife, CISA, CISSP We live in a world that is increasingly connected to almost every aspect of our daily lives.  As someone who is professionally interested and focused on cybersecurity I spend a great deal of time studying the methods and motivations of the hackers … Continued

Developmental Protection

How the SOC Audit Will Benefit Website Developers In the wake of recent, large-scale data breaches WannaCry and Petya, the web world has called for an increase in cybersecurity measures. No longer can some Average Joe simply download a pre-built WordPress theme, insert a few shady plugins and call themselves a website programmer. To stay … Continued

H&M’s Pete Rife Presents for Conway Center for Family Business

Holbrook & Manter continues to facilitate a quarterly peer group for the Conway Center for Family Business. H&M’s Pete Rife presented at the most recent “Finances for Family Business” peer group meeting on the topic of Cyber Security. Pete touched on various ways that businesses and individuals can become a target for a security breach. … Continued