SOC Assurance and Compliance

SOC reporting can help you remain competitive.

As a service organization, you need to accurately communicate the integrity of your financial internal controls, data security, availability, processing integrity, confidentiality and privacy to customers and/or their auditors. An appropriate system and organization control (SOC) report should help establish the trust and confidence that’s so crucial in today’s highly competitive marketplace.

A dedicated staff to help you make the right choice

Today, however, there are a variety of reporting options, and making the most appropriate choice for your organization can be challenging. Which report best conveys what you need your users to know? Is the best fit a SOC Type 1 report; or, would a SOC 2 or SOC 3 report be better?

At RSM we have a staff dedicated to helping service organizations across the world in this very specialized area. Our SOC assurance experts will help you navigate compliance challenges so that you can clearly communicate your organization’s commitment to internal controls.

Be ready for your SOC audit

Are you planning SOC audit engagement? If so, how confident are you that your organization is really prepared?

We often recommend a readiness review to identify potential deficiencies with sufficient time to remediate and retest the controls prior to a company’s formal SOC audit.

RSM specializes in SOC reporting

At RSM, SOC reporting is an area of specialization, not an add-on service. Our team has helped hundreds of service organizations:

  • cloud or co-location providers
  • software as a service (SaaS) providers
  • third-party administrators
  • credit card processors
  • fund administrators
  • and many more

Every day, we work with companies like yours to confirm the proper focus is placed on relevant controls and processes. Our years of experience, proprietary methodology and SOC-specific software mean that your SOC engagement will be handled efficiently.

You’ll receive just the right amount of personal attention from our professionals - at RSM, we understand the importance of not disrupting your business. In addition, our team members hold a variety of professional credentials and have access to the latest SOC thinking as firm representatives on a variety of SOC committees and boards.

When you need valuable SOC insight and tailored services, you need RSM. Give us a call to begin the discussion. 

RSM’s comprehensive SOC compliance services include:

Most Popular Insights


Effective SOC reporting

Service organizations must understand SOC reporting options to accurately represent their control environment to business partners.

  • Matt Gill, David Wood


SOC reporting: Understanding key changes ahead

The AICPA has implemented several changes to SOC reporting, and organizations must develop a strategic road map to meet the new standards.

  • Matt Gill, David Wood


SOC 2 common criteria: Addressing key changes in updated guidance

With the AICPA releasing changes to SOC 2 guidelines, service organizations must be aware of new demands and necessary framework adjustments.

  • Melissa Harp, Danny Collins, Mike Hielscher


SOC update: What recent changes mean for your internal control reporting

Service organization control (SOC) reports are in high demand, but recent updates have changed how internal control environments are communicated.

  • David Wood


The three pillars of a proactive risk-based vendor management program

As the use of outsourcing increases and garners more regulatory attention, the development of a strong vendor management program has become essential.

  • Joseph Benfatti, Anthony Baca

How can we help you?

Contact us by phone 800.274.3978 or
submit your questions, comments, or proposal requests.

Rapid Assessment®

Complete our Rapid Assessment form to be contacted about receiving our "quick-hit" diagnostic of your critical areas of operations.




Cybersecurity lunch and learn: Shedding light on the dark web

  • March 21, 2018


Meet RSM at the 2018 IIA GAM Conference

  • March 12, 2018


2018 economic and risk outlook webcast

  • February 20, 2018


AML and regulatory compliance webcast series: Winter 2018

  • February 13, 2018


Cybersecurity risks for employee benefit plans

  • January 11, 2018