"> Assurance Services – Drummond Group

Assurance Services

SOC Assurance Services

Compliance and security are complex fields, with standards and jargon that are not necessarily transparent to your customers as the clear differentiators they are. How can you make sure that your customer understands that your processes have been assessed for risk, effectiveness, trust, and service?

Through Assurance Services.

Engaging our strategic partner for Assurance Services, in conjunction with any of Drummond Group’s compliance or security services, lets your customer know that everything is as it should be, and to the highest standards. Together, our comprehensive service eliminates duplication of effort, leverages client familiarity, eases procurement, and lowers your cost. These same services reduce administrative burden on both sides, and quality is ensured.

Our strategic partner for Assurance Services is proud to support the American Institute of Certified Public Accountants (AICPA) 2017 Systems and Organization Controls (SOC). They started with AICPA assurance programs way back in 1999, with SOC’s predecessor, AICPA Web Trust. They have a long-standing history of conducting engagements to AICPA professional standards. The AICPA SOC Trust Principles and Criteria is supported by CPAs and IT professionals across industries. The principles serve as a high standard of compliance that can be formally audited and attested to. Achievement of the AICPA trust services principles and criteria covering security, privacy, processing integrity, confidentiality, and availability is considered the gold standard by professionals and industry in the United States.

Let our strategic partner for Assurance Services improve the quality and context of information available to your customers about your compliance and security environments.

Types of SOC Reporting

SOC Type 1

SOC 1 reports on your organization’s internal controls as they relate to your customers’ financial reporting. The report provides you and your customers with assurance that your internal controls over financial reporting are designed correctly and operating effectively to meet their objectives. Your client’s auditors can use your SOC 1 report to familiarize themselves with your system, which saves you and your clients time and money.

Completion of a SOC 1 audit can help you meet contractual obligations with existing customers and attract new customers by demonstrating your organization’s compliance with AICPA standards, which are considered the benchmark for internal controls in U.S. business. SOC 1 compliance differentiates your firm from your competitors and provides you with a competitive advantage in the marketplace.

SOC Type 2

SOC 2 reports on your organization’s internal controls as they relate to the AICPA Trust Services Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy. The report provides you and your customers with assurance your internal controls are designed correctly and operating effectively to meet your system objectives and service level commitments.

Completion of a SOC 2 audit can help you meet contractual obligations with existing customers and attract new customers by demonstrating your organization’s compliance with AICPA and COSO standards, which are considered the benchmark for internal controls in U.S. business. SOC 2 compliance differentiates your firm from your competitors and provides you with a competitive advantage in the marketplace.

SOC 2 with HITRUST

SOC 2 reports on your organization’s internal controls as they relate to the AICPA Trust Services Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy. The report provides you and your customers with the assurance that your internal controls are designed correctly and operating effectively to meet your system objectives and service level commitments. The SOC 2 report also can report on your HITRUST certification or your compliance with the HITRUST standard.

Completion of a SOC 2 Plus HITRUST audit can help you meet contractual obligations with existing customers and attract new customers by demonstrating your organization’s compliance with AICPA , COSO, and HITRUST standards, which are considered the benchmark for internal controls in the U.S. health care sector. SOC 2 Plus HITRUST compliance differentiates your firm from your competitors and provides you with a competitive advantage in the marketplace.

SOC 2 with Privacy

SOC 2 with Privacy expands on the traditional report on your organization’s internal controls as they relate to the AICPA Trust Services Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy. This is for organizations that create, collect, transmit, use, store personal information, or that interact with the data subject. The SOC 2 Audit with Privacy report provides confidence to your customers that you have controls in place to protect their personal information.

SOC Type 3

SOC 3 reports on your organization’s internal controls as they relate to the AICPA Trust Services Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy. The report provides you and your customers with assurance that your internal controls are designed correctly and operating effectively to meet your system objectives and service level commitments, but with less detail so that they can be understood by the general public.

SOC for Cybersecurity

Completion of a SOC for Cybersecurity report can provide new and existing customers assurance that your organization’s risk management program complies with AICPA and COSO standards which are the benchmark for internal controls in U.S. business. SOC for Cybersecurity compliance differentiates your firm from your competitors and provides you with a competitive advantage in the marketplace.

SOC for CyberSecurity also helps mature your cybersecurity risk management program and can help you manage cybersecurity risk beyond what internal risk assessments and audits provide. SOC for Cybersecurity audits can identify deficiencies in internal controls, pinpoint areas for improvement, and will strengthen your organization’s control environment, risk management program, and overall security posture.

SOC for Supply Chain

SOC for Supply Chains reports on your organization’s internal controls as they relate to your supply chain system. The report helps you and you supply chain partners identify, assess, and manage the risks related to your system and provides your clients with confidence and trust they need to do business with you.

Completion of a SOC for Supply Chains audit can help you meet contractual obligations with existing customers and attract new customers by demonstrating your organization’s compliance with AICPA and COSO standards, which are considered the benchmark for internal controls in U.S. business. SOC for Supply Chains compliance differentiates your firm from your competitors and provides you with a competitive advantage in the marketplace.

The People of Drummond are here to help!

Speak with an assessment advisor today.

Privacy Preferences

When you visit our website, it may store information through your browser from specific services, usually in the form of cookies. Here you can change your Privacy preferences. It is worth noting that blocking some types of cookies may impact your experience on our website and the services we are able to offer.

Click to enable/disable Google Analytics tracking code.
Click to enable/disable Google Fonts.
Click to enable/disable Google Maps.
Click to enable/disable video embeds.
Our website uses cookies, some from third-party services. Define your Privacy Preferences and/or agree to our use of cookies.