System and Organization Control Readiness Reviews

SOC readiness reviews highlight control deficiencies while there’s still time to remediate them.

A SOC readiness review is the most efficient way to prepare for your formal SOC attestation engagement. By identifying potential deficiencies early, you’ll have the time to remediate them, put enhanced controls in operation and test the new controls long before a report is issued.

Our readiness reviews provide assistance and guidance regarding the actions necessary for a successful SOC engagement. They also greatly increase the likelihood your SOC report accurately reflects the controls and operations you want to provide to your users.

RSM offers various readiness review options, including:

A high-level, diagnostic readiness review of general computer and business process controls. This macro-level view helps you focus your remediation efforts in the right areas prior to your formal SOC engagement.

A complete readiness review provides practical, detailed recommendations that help management establish priorities and develop a road map for procedures, control objectives or criteria, controls and documentation that should be in place before your formal SOC engagement. This type of review can also include developing your SOC report template for your future attestation report. You are also provided with exhibits that support our findings and recommendations.

Who benefits from our SOC reviews?

SOC readiness reviews may be most helpful to organizations preparing for their first SOC attestation engagement or transitioning from one SOC report to another (i.e., SOC 1 to SOC 2). However, organizations that have gone through the SOC process before often choose to take advantage of a preliminary review to identify potential high-risk areas that may have surfaced since their last SOC engagement. A follow-up review can also result in greater efficiencies during the next formal SOC engagement.

Don’t be surprised by your auditor’s SOC report findings. For more information about RSM’s readiness reviews, contact us today.

Most Popular Insights


Which SOC controls report is right for your organization?

SOC reports demonstrate the strength of financial, operational and data protection controls at your organization. However, several options exist, and it is important to determine which is appropriate.

  • David Wood


Service organizations control reporting: Beyond financial reporting

Service organizations can provide operation and compliance assurance beyond financial reporting with the SOC 2 and 3 reports.

  • David Wood

How can we help you?

Contact us by phone 800.274.3978 or
submit your questions, comments, or proposal requests.

Rapid Assessment®

Complete our Rapid Assessment form to be contacted about receiving our "quick-hit" diagnostic of your critical areas of operations.




Cybersecurity lunch and learn: Shedding light on the dark web

  • March 21, 2018


Meet RSM at the 2018 IIA GAM Conference

  • March 12, 2018


2018 economic and risk outlook webcast

  • February 20, 2018


AML and regulatory compliance webcast series: Winter 2018

  • February 13, 2018


Cybersecurity risks for employee benefit plans

  • January 11, 2018