SOC 3 (AT 101 Report)

Whether your company is new to the SOC audit process and in need of significant guidance, or has been audited many times, PKM has the right mix of experience and expertise you need. Because our clients are typically required to demonstrate compliance with sophisticated IT frameworks and withstand high due diligence standards, we have the experience of working with companies that are under substantial scrutiny from their users. The end result is a report that provides confidence to the scrutinizing parties and ultimately helps our clients to win more customers and drive growth.

In case you are new to SOC reporting, it’s important to understand the difference between the various types of reports. Similar to a SOC 2, a SOC 3 audit is based on the Trust Principles from the AICPA which could include security, availability, confidentiality, processing integrity and privacy. These audits are not designed for entities that process financial transactions but rather for businesses that are focused on providing services such as managed security services or co-location services as well as entities that hold significant third-party data but do not process financial transactions. Just like a SOC 1 and 2, a SOC 3 report also comes in two types – Type I and Type II. The main difference is that Type I reports are conducted as of a “point in time,” whereas a Type II reports cover a “period of time” and are the most common type that users typically ask for.

SOC 3 audits are designed in a way that they may be presented and available to the general public but the basis of the audit is still the AICPA’s Trust Principles. A SOC 3 is in essence, a SOC 2 audit without the detailed and very technical report.

At PKM, we have provided third-party service provider examination (SOC and its predecessor SAS 70) services since 1997. We have built a team to serve companies that count their clients as some of the largest financial service companies in the United States.

Our goal is to add value to your business by reducing risk and increasing long term value – it’s something we do every day.

For more information or to schedule a consultation, please contact Terry Ammons or call 404.420.5679.