Assurance

SOC Reports

System and Organization Controls (SOC) reports are designed to help service organizations, organizations that operate information systems and provide information system services to other entities, build trust and confidence in their service delivery processes and controls through a report by an independent Certified Public Accountant.

Our SOC Services Team is committed to providing our clients with the following:

A team approach to client service, utilizing all of the resources of our firm.
A flexible, practical cost-effective approach to the delivery of a SOC product.
The technical expertise you value and the personal service you deserve.
Accessibility to engagement partners and professional staff.
A detailed proposal and project plan to ensure that you receive the appropriate solution for your business.
Affiliates in most major North American cities through our membership with the Leading Edge Alliance.

GET IN TOUCH

Contact one of Marcum's regional representatives.

ASK MARCUM

What is a SOC Report?

System and Organization Controls (SOC) Reports
SOC reports adhere to a widely recognized auditing standard developed by the American Institute of Certified Public Accountants (AICPA) to provide a mechanism by which service organizations can demonstrate the establishment of effectively designed control objectives and control activities to their customers, via an in-depth audit of the processes that are related to the services rendered to their customers.

Benefits
There are three (3) key reasons that service providers engage an auditor to prepare a SOC report:

Replaces the need of customer organizations to perform their own audits of services rendered by the service organization thereby minimizing disruption of operations.
Provides the service organization an independent operational assessment identifying opportunities for improvement regarding services rendered.
Serves as a marketing tool by which service organizations can provide potential clients the SOC report as a validation regarding services offered.

Swipe left to view entire table

Planning	Assessment	Fieldwork	Completion
Marcum team orientation	Review relevant systems	Finalize testing procedures plan	Review final draft of report
Develop project management plan	Review relevant processes	Discuss testing procedures with management	Resolve any reporting issues with management
Finalize critical deadlines	Identify relevant control objectives	Perform control walkthrough and testing procedures	Review drafts with Management
Develop preliminary lists of documents to be prepared by client	Identify key controls	Document testing	Issue Report Adobe PDF format Bound hard copy
Conduct planning meeting with the Company's Management	Perform risk assessment	Draft summary of findings	Debrief with management including control findings and recommendations
	Finalize evaluation of internal controls	Review draft report
	Identify potential internal control issues/concerns	Wrap-up fieldwork
	Report findings to the Company's Management

SOC Report Services

SOC Diagnostic
A SOC diagnostic is an ideal, low cost starting point for companies who have not had a SOC or other controls based audit procedures previously performed. Our SOC diagnostic is designed to assist our clients to make a determination regarding their preparedness for an actual SOC audit. Our findings, areas we believe need to be addressed prior to an actual SOC audit, are only reported internally to management.

Type I SOC Audit
Includes an opinion on the fairness of the presentation of a description of controls in operation and how the design of the controls achieves the specified control objectives as of a point in time.

Type I SOC audit may be preferable when your company:

Has never had a SOC audit performed.
Has concerns regarding its readiness for a Type II SOC audit.
Needs a SOC report to be issued within a short timeframe.
Has no contractual obligation with its customers to have a Type II SOC audit performed.

Type II SOC Audit
Report includes the information contained in a Type I service auditor's report, but also includes an opinion on whether the specific controls were operating effectively during the period under review.

Type II SOC audit may be preferable when your company:

Provides a significant level of services to companies impacted by the Sarbanes-Oxley Act of 2002.
Is contractually obligated to provide a Type II SOC audit report to customers.
Is often visited by various third parties looking to perform a variety of audit procedures.

Agreed-Upon Procedures Reviews
There are instances where it is not necessary to perform a SOC audit, but it is necessary for a company to report upon their achievement of certain control objectives. In such a scenario, we would advise an agreed-upon procedures review.

These reviews have a defined set of procedures, such as verifying the accuracy, integrity, timeliness and confidentiality of information processed by the service organization.
Designed to give independent third-party verification of selected controls to third-parties, such as customers and financial institutions, e.g. lenders.

The Marcum Advantage

Our "4-Fold" method divides the engagement into four phases Analysis, Remediation, Fieldwork, and Reporting.
Our approach ensures that our clients receive a high degree of efficiency, minimized disruptions to their business, and direct attention.
Team leaders with significant experience performing SOC audits.
National firm service without the associated high cost.

Reports

Marcum LLP PCAOB Report
DOWNLOAD
Marcum LLP Peer Review Report
DOWNLOAD

Related News

February 21, 2019
As Seen In

Marcum’s leadership in IPO audits in 2018 was reported by Long Island Business News.

Marcum performed more IPO audits in 2018 than any other accounting firm outside the Big Four, according to a newly released report from Audit Analytics.

February 12, 2018
As Seen In

Long Island Business News quoted Vice Chairman David Bukzin in an article about accounting firm services to public companies.

Long Island and the nation have fewer public companies than a few years or a decade ago, but some regional accounting firms with operations here ....

January 29, 2018
Press Release

Marcum LLP Leads Accounting Industry in Net New SEC Clients for Fourth Quarter of 2017

Marcum LLP led the accounting industry with more net new SEC audit clients in the fourth quarter of 2017 than any other accounting firm in ....

SEC Insights - January 2018

XBRL Requirements for Foreign Private Issuers

In case you were too busy back in March 2017 wrapping up your audit and finalizing your year-end financials to notice, the Securities and Exchange ....

SEC Insights - January 2018

AICPA National Conference on Current SEC and PCAOB Developments

The AICPA annual conference was held from December 4-6, 2017, in Washington, D.C. The conference focused on recent U.S. Securities and Exchange Commission and Public Company ....

December 12, 2017
Press Release

Adam Clark Joins Marcum as Assurance Services Partner

Adam Clark, CPA, has joined Marcum LLP as a partner in the Technical Review & Quality Control group of the Firm's Assurance Services Division. ....

SEC Insights - December 2017

SAB 74 - Enhanced Disclosure Requirements for Recently Issued Revenue Recognition Standards

With the issuance of ASU 2014-09, Revenue from Contracts with Customers, SEC guidance requires both quantitative and qualitative disclosures of the expected impact of adopting ....

SEC Insights - December 2017

FASB Issues Guidance Towards the Simplification of Instruments with Down Round Features

In an effort to reduce complexities and ease costs related to certain financial instruments with characteristics of both liabilities and equity, the Financial Accounting Standards Board ....

SEC Insights - September 2017

New SEC Rule Allows All Companies to File Confidentially for IPOs

Effective July 10, 2017, the Securities & Exchange Commission ("SEC") began allowing all companies to submit non-public, draft registration statements for initial public offerings ("IPOs").

SEC Insights - September 2017

New FASB Guidance for Financial Instruments

The Financial Accounting Standards Board (“FASB”) issued Accounting Standards Update ("ASU") No. 2016-01, Financial Instruments - Overall (Subtopic 825-10): Recognition and Measurement of Financial Assets ....

January 30, 2017
Assurance Alert

The Often Overlooked Section 404a

Suppose you are the CFO of a small public company, and you're having a conversation with a peer who is the CFO of an accelerated ....

Newsletter

SEC Insights

Alert of publicily traded company issues

READ THE LATEST EDITION

Contacts

Select the region to view contacts.

Practice Leader

Heather Bearfield

Cyber & IT Risk Leader

IT Risk and Assurance
Boston, MA
MA

Mark Agulnik

Partner

IT Risk and Assurance
Fort Lauderdale, FL
FL

Jenny Deloy

Office Managing Partner

Assurance
Chicago, IL
IL

Cary Drazner

Partner

Assurance
Deerfield, IL
IL

John J. McGonigal

Office Managing Partner

Assurance
Philadelphia, PA
PA

Nanette Lee Miller

Partner

Assurance
San Francisco, CA
CA

Bruce Roff

Partner

Assurance
New York, NY
NY

HAVE A QUESTION? ASK MARCUM

STAY IN TOUCH.

ABOUT MARCUM LLP

Marcum LLP is one of the largest independent public accounting and advisory services firms in the nation, with offices in major business markets throughout the U.S., as well as Grand Cayman, China and Ireland.

Learn More

CONNECT WITH US

OFFICES

Headquarters
750 3rd Avenue, 11th Floor
New York, NY 10017

Find an Office

(855) MARCUM1
info@marcumllp.com

FOUNDATION