Skip to main content

Third Party Assurance (TPA)

Providing Assurance through System and Organisation Controls (SOC) Reports

Many companies rely on ISAE 3402, SOC 1 and SOC 2 reports to address outsourcing risk, Sarbanes-Oxley (SOX) and other compliance requirements. The SOC report framework enables an independent auditor to perform procedures and issue and opinion on the internal controls at a service organisation.

Service organisations often find themselves serving many industries across multiple geographies, which expands the range of compliance and regulatory requirements they must meet. Under increasing compliance pressures, companies are asking their service organisations to demonstrate the efficacy of their controls to higher degrees. In some cases, SOC reports have become a prerequisite for service organisations to win new business with established companies.

Let us take you through what you need to know about providing assurance to customers, business partners, regulators, and auditors through SOC reports. 

Did you find this useful?

Thanks for your feedback

If you would like to help improve Deloitte.com further, please complete a 3-minute survey