Request a
Consultation
SOC 1, 2, 3 Compliance Service - hero image - Increases customer confidence

SOC 1, 2, 3 + SSAE 18 Compliance Services

Increase customer confidence and trust
through security assurance.

SOC Reports for Service Organizations

IT audits can be an intimidating, if not an overwhelming process for companies of all sizes. With Cerberus, it doesn’t have to be. Our deep experience designing and implementing security programs as well as auditing their effectiveness uniquely positions Cerberus as your preferred Service Organization Control (SOC) information security partner. Professionals at Cerberus will help guide you through all necessary steps to review and validate your information security processes and controls and identify gaps in order to prepare you for a successful SOC audit.

Information Security
Process Review

Internal Controls
Assessment

Policy & Procedure
Documentation

SOC 1

  • Internal Controls
  • Financial Reporting
  • Type 1 – design of the controls
  • Type 2 – design and operating effectiveness of the controls

SOC 2

  • Internal Controls
  • Security, availability, and processing integrity of systems
  • Confidentiality and privacy of user information
  • Type 1 – design of the controls
  • Type 2 – design and operating effectiveness of the controls

SOC 3

  • Internal Controls
  • Security, availability, processing integrity confidentiality, or privacy
  • Because they are general use reports, SOC 3 reports can be freely distributed.

SOC 1,2,3 + SSAE 18

The AICPA’s SAS No. 70, Service Organizations, has evolved into a family of Service Organization Control (SOC) Reports, which relate to information security and provide assurances about privacy and confidentiality controls as well as the security, availability, and processing integrity of their systems.

As companies are increasingly adopting vendor management programs to assess the IT security of their vendors, the demand for SOC Reporting is on the rise. Our experts are available to provide service organizations with audit preparation consulting, coaching, GRC services, and security program development guidance to ensure necessary controls are in place for future successful SOC engagements.

The typical SOC 2, type 2 audit preparation engagement includes the following:

  • Identification and capture of your existing internal controls.
  • Development of controls to address any gaps in compliance.
  • A full set of policy and procedure documentation that supports and aligns with existing and newly developed controls.
SOC Certification

Get Started with Cerberus Sentinel

Start Protecting Your Business’s Data and Have Digital Security Preparedness.
Whether you need to build a Security Incident Response Plan or have an immediate remediation.