Assurance Services

Compliance and security are complex fields, with standards and jargon that are not necessarily transparent to your customers as the clear differentiators they are. How can you make sure that your customer understands that your processes have been assessed for risk, effectiveness, trust, and service?

Through Assurance Services.

Engaging our strategic partner for Assurance Services, in conjunction with any of Drummond Group’s compliance or security services, lets your customer know that everything is as it should be, and to the highest standards. Together, our comprehensive service eliminates duplication of effort, leverages client familiarity, eases procurement, and lowers your cost. These same services reduce administrative burden on both sides, and quality is ensured.

Our strategic partner for Assurance Services is proud to support the American Institute of Certified Public Accountants (AICPA) 2017 Systems and Organization Controls (SOC). They started with AICPA assurance programs way back in 1999, with SOC’s predecessor, AICPA Web Trust. They have a long-standing history of conducting engagements to AICPA professional standards. The AICPA SOC Trust Principles and Criteria is supported by CPAs and IT professionals across industries. The principles serve as a high standard of compliance that can be formally audited and attested to. Achievement of the AICPA trust services principles and criteria covering security, privacy, processing integrity, confidentiality, and availability is considered the gold standard by professionals and industry in the United States.

Let our strategic partner for Assurance Services improve the quality and context of information available to your customers about your compliance and security environments.

SOC 1 reports on your organization’s internal controls as they relate to your customers’ financial reporting. The report provides you and your customers with assurance that your internal controls over financial reporting are designed correctly and operating effectively to meet their objectives. Your client’s auditors can use your SOC 1 report to familiarize themselves with your system, which saves you and your clients time and money.

Completion of a SOC 1 audit can help you meet contractual obligations with existing customers and attract new customers by demonstrating your organization’s compliance with AICPA standards, which are considered the benchmark for internal controls in U.S. business. SOC 1 compliance differentiates your firm from your competitors and provides you with a competitive advantage in the marketplace.

SOC 2 reports on your organization’s internal controls as they relate to the AICPA Trust Services Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy. The report provides you and your customers with assurance your internal controls are designed correctly and operating effectively to meet your system objectives and service level commitments.

Completion of a SOC 2 audit can help you meet contractual obligations with existing customers and attract new customers by demonstrating your organization’s compliance with AICPA and COSO standards, which are considered the benchmark for internal controls in U.S. business. SOC 2 compliance differentiates your firm from your competitors and provides you with a competitive advantage in the marketplace.

SOC 2 reports on your organization’s internal controls as they relate to the AICPA Trust Services Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy. The report provides you and your customers with the assurance that your internal controls are designed correctly and operating effectively to meet your system objectives and service level commitments. The SOC 2 report also can report on your HITRUST certification or your compliance with the HITRUST standard.

Completion of a SOC 2 Plus HITRUST audit can help you meet contractual obligations with existing customers and attract new customers by demonstrating your organization’s compliance with AICPA , COSO, and HITRUST standards, which are considered the benchmark for internal controls in the U.S. health care sector. SOC 2 Plus HITRUST compliance differentiates your firm from your competitors and provides you with a competitive advantage in the marketplace.

SOC 2 with Privacy expands on the traditional report on your organization’s internal controls as they relate to the AICPA Trust Services Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy. This is for organizations that create, collect, transmit, use, store personal information, or that interact with the data subject. The SOC 2 Audit with Privacy report provides confidence to your customers that you have controls in place to protect their personal information.

SOC 3 reports on your organization’s internal controls as they relate to the AICPA Trust Services Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy. The report provides you and your customers with assurance that your internal controls are designed correctly and operating effectively to meet your system objectives and service level commitments, but with less detail so that they can be understood by the general public.

Completion of a SOC for Cybersecurity report can provide new and existing customers assurance that your organization’s risk management program complies with AICPA and COSO standards which are the benchmark for internal controls in U.S. business. SOC for Cybersecurity compliance differentiates your firm from your competitors and provides you with a competitive advantage in the marketplace.

SOC for CyberSecurity also helps mature your cybersecurity risk management program and can help you manage cybersecurity risk beyond what internal risk assessments and audits provide. SOC for Cybersecurity audits can identify deficiencies in internal controls, pinpoint areas for improvement, and will strengthen your organization’s control environment, risk management program, and overall security posture.

SOC for Supply Chains reports on your organization’s internal controls as they relate to your supply chain system. The report helps you and you supply chain partners identify, assess, and manage the risks related to your system and provides your clients with confidence and trust they need to do business with you.

Completion of a SOC for Supply Chains audit can help you meet contractual obligations with existing customers and attract new customers by demonstrating your organization’s compliance with AICPA and COSO standards, which are considered the benchmark for internal controls in U.S. business. SOC for Supply Chains compliance differentiates your firm from your competitors and provides you with a competitive advantage in the marketplace.