IT Governance, the leading provider of information security products and services, has launched a new consultancy service to deliver SOC 2 and 3 audit preparation assistance, based on the international accounting standards ISAE 3402 and SSAE 16.
The consultancy service is designed to help service organisations prepare for a SOC 2 or SOC 3 audit, which are often requested of organisations that want to provide services to tier one organisations, such as financial institutions. The audit reassures clients that their data is protected – from initial development stage through to quality assurance, data backup and data availability.
UK-based vendor organisations may need to pass a SOC audit to meet the requirements of its client organisation. This is often if the case if the client is a listed company based in the United States, where SOC reporting is mandated by the American Institute of Charted Professional Accountants (AICPA).
A successful SOC report provides the client with increased assurance over its outsourced operations. It also provides the required assurance to clients that the service organisation has implemented the appropriate information security controls, allowing the vendor to partner with the client without having to undergo extensive due diligence.
Alan Calder, founder and executive chairman of IT Governance, says
“Our service is designed to help service organisations prepare for a successful SOC 2 or 3 audit by helping them implement and assess their information security and cyber security controls using our proven methodology and expertise.”
Organisations wishing to pass a SOC 2 or SOC 3 audit the first time may find that the management framework outlined by the international information security standard ISO/IEC 27001:2013 gives them a head start, as it provides assurance that the organisation holds data security of paramount importance.
“Thanks to our extensive experience with information security management systems and successful track record helping clients achieve compliance with ISO/ IEC 27001, we are ideally placed to deliver guidance and support implementing and evaluating the efficacy of the required controls,” says Calder.
IT Governance’s SOC audit preparation consultancy service covers a detailed analysis of the internal management processes and controls the organisation employs. Our team of information security experts will identify which SOC engagement is best suited to the organisation, and perform a gap analysis to identify any shortfalls once the correct SOC path has been identified.
For more information about IT Governance’s SOC Audit and Reporting ISAE3402, SSAE16, please visit our website, or contact our consultancy team directly at servicecentre@itgovernance.co.uk or call us on +44 (0) 845 070 1750.