How the Coronavirus Pandemic May Affect Your SOC 1 or SOC 2 Audit

By: Pete Rife, CISSP, CISA- Director of IT Risk Advisory The coronavirus pandemic is having a dramatic effect on companies large and small across the world and is having a significant impact on how many service companies deliver their services.  The CDC recommendation for social distancing is driving many employers to direct their employees to … Continued

TPAs & The SOC 1 Audit

 By: Mark Welp, CPA, CFE, MAcc- Principal, Audit & Assurance Why Third Party Administrators Should Consider a SOC 1 Report When it comes to the type of organization that makes a good candidate for a SOC 1 Report, Third Party Administrators, also known as TPAs, truly fit the bill. What exactly is a TPA? … Continued

SOC 1 vs. SOC 2

Distinguishing the Benefits, Features & Target Audiences of These SOC Compliance Reports As System and Organization Control audits (SOC) are increasingly becoming a requirement to keep and engage new customers, many service companies struggle to determine whether a SOC 1 or SOC 2 audit is the right fit. Procedurally, these audit exercises are largely the … Continued

Which SOC Report do I need, and why?

Service organization control (SOC) reports come in several varieties. The best part? You don’t need to pass the CPA Exam to figure out which one you may need. They generally pertain to service organizations, like retirement plan record-keepers or third party administrators (TPAs). The American Institute of Certified Public Accountants (AICPA) determines the scope of … Continued


How the EU’s General Data Protection Regulation Can Prepare a Website for a SOC Cybersecurity Audit The European Union recently implemented its General Data Protection Regulation and, if you’re involved in the data privacy sector, you’ve almost certainly heard the term GDPR all too often within the past few months. The European-based regulations have international … Continued

Becoming Familiar with the SOC for Cybersecurity Report

We continue to learn more about the newest type of SOC Report- the SOC for Cybersecurity Report. The existence of this new report is a great thing, as the need for organizations to show that they are keeping a pulse on security threats continues to grow by the day. It has never been more important … Continued

Which SOC Report is right for you?

Which SOC Report is right for you? Wrapping your mind around the importance and many benefits of a SOC Report can be challenging. Understanding which SOC Report is right for your organization can also be confusing. Our hope is that our site makes you understand the different reports a bit better, but when in doubt- … Continued

The SOC for Cybersecurity Report: Who Should be Taking a Closer Look?

The types of SOC Reports available to service organizations continues to grow. It is exciting to see. The various types of examinations that can be performed in the name of getting a true grasp of the control environment makes it easier for an entity to try and mitigate risk. The newest report to become available … Continued

A Closer Look at a Common Cybersecurity Scam

A Closer Look at a Common Cybersecurity Scam By: Pete Rife, CISA, CISSP We live in a world that is increasingly connected to almost every aspect of our daily lives.  As someone who is professionally interested and focused on cybersecurity I spend a great deal of time studying the methods and motivations of the hackers … Continued

Developmental Protection

How the SOC Audit Will Benefit Website Developers In the wake of recent, large-scale data breaches WannaCry and Petya, the web world has called for an increase in cybersecurity measures. No longer can some Average Joe simply download a pre-built WordPress theme, insert a few shady plugins and call themselves a website programmer. To stay … Continued