SOC Reporting

Do you receive constant inquiries from your business relationships regarding your business practices and the risks they may have? Do you have to answer to auditors and stakeholders about the risks vendors you utilize present as business challenges? If so, it may be time for a System and Organization Controls (SOC) audit.


The Right Audit for the Right Service

The AICPA has introduced certain specialized guidance for SOC audits which KerberRose can also provide. The most recent is the SOC for Supply Chain, which couldn’t come at a better time. With recent events, it is more crucial than ever to assess supply chain risks and make efforts to mitigate those risks for Production, Manufacturing or Distribution sytems. A SOC 1 or a SOC 2 has two types: SOC 2 Type 1 and SOC 2 Type II. A Type 1 audit provides an audit of controls as of a date, which is an examination of the controls design. A Type II audit provides an audit of controls over an audit period, which is an examination of the controls design and effectiveness.


Review Services

In some cases you may not need a full audit when a review will be sufficient. When we conduct our review, we use analysis and inquiry, rather than the verification procedures of an audit, to give limited assurance on your financial statements. This well-defined service is often an acceptable and more efficient alternative to an audit — helping you save valuable time while gaining expert insight on your organization.


SOC Framework

SOC Reporting
NIST 800-53 Security & Availability
ISO 27001 Security & Availability
CSA CCM Security & Availability
HIPAA Security Security
HIPAA Privacy Privacy / Confidentiality

Contact an Advisor

If your business could use a Trusted Advisor, contact KerberRose today to discuss creating a partnership.