Group 1 helps guide your SOC 1 and SOC 2 projects from takeoff to arrival.
Which SOC Report Do You Need?
SOC 1 Report
If you provide services that substantially impact your customers’ financial statements, your customers may require a SOC1 report to evaluate your controls over financial processing. A SOC 1 report can be a Type 1 or Type 2 report, and it is important to select the correct type for your purpose.
SOC 2 reports provide your customers with a broad range of information about the security, availability and integrity of the systems that process your customers’ data, and the confidentiality and privacy of that data. A SOC 2 report can be a Type 1 or Type 2 report, and it is important to select the correct type for your purpose.
A Type 2 report evaluates the design and operation of your controls throughout a certain period. It is the most common SOC report issued. A Type 1 report is optional and is most commonly used to demonstrate that your SOC program is ready to operate as of a specific date.
Group 1 performs an initial readiness assessment and identifies the scope of work necessary to prepare your company for its SOC audit. The product is a remediation roadmap that points the way toward a successfully completed audit.
Putting the Program in Place.
Group 1 offers a complete range of preparedness services, from subject matter expertise to remediation oversight to full program management. Products include an effectively designed controls structure and related audit documentation.
Monitoring & Audit Coordination
Producing the Audit Report.
Group 1 performs ongoing monitoring to help ensure companies are operating their controls as needed for a successful SOC audit. We also provide audit management services to facilitate the pre-audit, audit and post-audit activities. The product is the successful issuance of your SOC report.