SOC 2 Examination

A SOC 2 is an examination of a service organization’s controls over its system relevant to security, availability, processing integrity, confidentiality, or privacy.

The team at Audit Peak has more than 15 years of experience performing SOC 2 engagements for start-ups, mid-size and large-cap companies. We have examined and audited many legacy environments and even more cloud environments including Amazon AWS, Microsoft Azure, and Google GCP.

Build Trust And Bolster Your Reputation

SOC 2 Readiness Assessment

How prepared are you for a Type 1 or Type 2 assessment?

Audit Peak will prepare you for the climb towards completing a successful SOC 2 Type 1 or Type 2 engagement. Audit Peak will perform a thorough review of your system and organization controls, including the policies, procedures, IT general controls and business processes supporting the system. We will provide you with a detailed gap assessment outlining the current controls in place that would satisfy the SOC 2 criteria. The deliverable will also include the control deficiencies/gaps along with best practices for remediating the deficiencies/gaps identified, and any key controls that must be remediated prior to pursuing a SOC 2 Type 1 or Type 2 report.

Gain Competitive Advantage And Meet Commitments

SOC 2 Type 1 Report

Report as of a point in time

A service organization can pursue a Type 1 report with or without an initial Readiness(Gap) Assessment, however there are important considerations for success. The Type 1 report is performed as of a specific date meaning that the system and controls must be designed and implemented as of that specified date. Accordingly, the SOC 2 Type 1 focuses on:

  • The description of the service organization’s system.
  • The suitability of the design of the service organization’s controls.

Continuously Improve Risk Posture

SOC 2 Type 2 Report

Report covering a period of time

A Type 2 report is the “Peak” and Audit Peak is strategically positioned to provide service organizations with the guidance and expertise of its personnel to successfully complete a SOC 2 Type 2 audit.

A SOC 2 Type 2 covers a period of time (typically between 3 and 12 months) and while it includes assessing the suitability of the design of the service organization’s controls, the SOC 2 Type 2 also assesses the operating effectiveness of those controls over the review period.

Let’s Discuss Your SOC 2 Needs.

We Will Take Your Compliance To The Peak!