While the AICPA does not define a minimum duration period for a SOC report, Auditwerx encourages our clients to conduct a Type 2 engagement for a period of at least 6 months. The reason behind this is that a period of less than 6 months may not be as useful for a user organization or the user auditor looking to gain comfort of controls over a typical 12 month period. Often times when a client comes to us needing a SOC report for the first time, they need it as soon as possible. Auditwerx does require a minimum of a 3 month testing cycle to ensure our engagements are useful and reliable for our clients and the users of the reports.
Contact us today to discuss our proven SOC reporting process.