A SOC 1 report is a report on Controls at a Service Organization Relevant to User Entities’ Internal Control over Financial Reporting.
We work with and help service organizations create reports on internal controls for the services they provide. Service Organization Control (SOC) reports provide a consistent framework to report these controls. As a CPA firm with deep experience performing SOC 1 reporting audits, we are prepared to assist with issuing a SOC 1 report.
All SOC reports can be issued as a Type I or a Type II report. Typically organizations undergoing their initial SOC report will perform a readiness assessment, followed by a Type I report, and then a Type II report annually thereafter:
Provides independent third party verification by a licensed CPA firm as to whether internal controls described by a service organization are suitably designed to meet specified control objectives, and expresses an opinion by the CPA firm as to the design of the controls at a point in time. A Type I report does not give assurance over a period of time, and is typically utilized for first-time issuers, as a pre-cursor to Type II report
A Type II report provides independent third party verification by a licensed CPA firm as to whether internal controls described by a service organization are suitably designed to meet specified control objectives, and expresses an opinion by the CPA firm as to the design and operating effectiveness of the controls over a period of time, typically twelve months in duration. A Type II audit is performed annually, and the corresponding report issued. This is what is expected by customers, and their auditors as the procedures are sufficient to replace the work they would otherwise have had to perform
SOC 1 Lead
Priya started with Cadence in 2017 and manages engagements in the SOC (Service Organization Control) Reporting and Sarbanes-Oxley Compliance practices. She has over 10 years of experience in the accounting and auditing profession servicing a wide range of clients and industries. Priya's expertise includes assessing and designing technology controls for internal audit and external audit support.