System and Organization Control (SOC) reports allow vendors to articulate their internal control processes to their customers, and organizations to articulate their entity-wide cybersecurity risk management program, and provide peace of mind that those controls have been examined by an independent service auditor. According to the AICPA, “SOC engagements have become the gold standard for examining, assessing and reporting on these controls.”
Baker Tilly’s SOC tip sheet will answer:
- What is a SOC report?
- How to identify the SOC report that’s right for your organization.
- What is the value of a SOC report to my organization?
- What should I do with the SOC report after it is complete?
- Frequently asked questions
For more information on this topic, or to learn how Baker Tilly specialists can help, contact our team.