When your clients or prospects request a SOC 1 report, they are really asking three questions:
- Have you developed and maintained a system of internal controls that are suitably designed to meet your stated internal control objectives?
- Are those controls in place?
- Do the internal controls function as designed?
A SOC 1, Type 1 report strives to answer the first two questions. An unqualified opinion in this report tells your client’s auditors that—in all material respects—the system you described is suitably designed to provide reasonable assurance that your organization’s financial control objectives will be achieved if the controls operate effectively. That information gives your clients a higher level of confidence in the system on which they rely for critical services.
The third question is answered in a SOC 1, Type 2 report.
Have you recently received a request from a client or prospect for a SOC 1 report?
Contact Auditwerx to schedule a Readiness Assessment that will prepare your service organization for a SOC 1, Type 1 examination.