Gain Assurance

SOC EXAMINATIONS

Need a better match? 
We can help you choose the right SOC audit for your organization and customers.

Mark Caiazzo, CPA

BerryDunn maintains a professional rapport through all stages of their audit services. We're proud to partner with them, as is our customer.

- Jeff Lipps, Intralot

Build customer confidence with sound internal controls backed by trusted reports.


Are you experiencing increased customer demand for a SOC examination? Do you want to provide your customers with an independent report of your internal controls? Do you want assurance that your internal controls are being followed?

BerryDunn understands systems and organization controls (SOC) reporting and how the results can impact your organization. Our professionals combine industry expertise with over 25 years of experience helping clients meet their customer and regulatory obligations. We take the time to understand your reporting needs and to work collaboratively with your team to guide you through the process. More than just issuing a report, we provide you with insights relevant to internal controls; processes and procedures; data management; and monitoring focused on risks and continuous improvement.

SSAE 18 and SSAE 16 Comparison Guide

Which SOC is right for you?

SOC 1

This exam reports on internal controls over financial reporting and is ideal for:

  • Third-party administrators
  • E-commerce providers
  • Payroll administrators
  • Insurance organizations
  • Financial institutions
  • Other organizations that process data or provide services critical to their customer's financial reporting

SOC 2

This exam reports on internal controls as they relate to the five Trust Service Principles (2016) including Security, Availability, Processing Integrity, Confidentiality, and Privacy. SOC 2's are ideal for:

  • SaaS, PaaS, DaaS organizations
  • Cloud providers
  • Managed service or application providers
  • System colocation providers
  • Other organizations that host or support customer data

SOC 2+

This is a SOC 2 exam that has been expanded to address compliance and best practice standards such as HIPAA, NIST, ISO 27000, etc.

SOC 3

This is similar to the SOC 2 exam, but the Auditor's Report is based on management's assertion that controls are in place and a public-facing report is made available for all users.

SOC Readiness Assessments

All SOC examination types require preparation and planning. Let our experts help you develop and implement controls to prepare for an upcoming SOC examination. Our team will walk you through the process, let you know what to expect, and help ensure a seamless transition - from preparing for an examination to successfully undergoing your first SOC examination.

Let us help

Gain confidence in all of your internal control efforts by working with BerryDunn's IT Assurance experts - from compliance attestations to IT security advisory services.

Contact our IT assurance practice leader, Mark A. Caiazzo, to learn more about how we can help.

 BerryDunn SOC Examinations