Our Services
SOC 1 and SOC 2 Examinations
SOC Reports are a valuable tool for organizations to showcase to its customers that management has established measures to achieve its commitments. Although called Examinations, these look and feel very much like an Audit.
During an examination MCE will inquire with management, review policies and procedures, and inspect documentation to support management's assertions regarding its commitments. Efficiency with integrity is how MCE approaches an examination.
Our approach includes working with management to:
- Establish a thorough timeline and expectations to minimize disruption to the team
- Utilize secure methods of evidence review and maintenance
- Provide open communication channels for relevant feedback throughout the examination
- Deliver final reports in a timely manner to satisfy customer needs
SOC Readiness
If an organization needs to start providing a SOC report to clients, a SOC Readiness is the place to start. A well done Readiness can alleviate many headaches when the examination period begins.
We work with management to:
- understand the true needs of your clients,
- help isolate the scope and risks that should be the focus of the examination
- evaluate opportunities for improvement in the control environment and documentation requirements
- and educate management and the organization on what to expect during an examination
Agreed-Upon Procedures
As an alternative to a SOC report, an organization may utilize SSAE19 - Agreed-Upon Procedures (AUP) to provide assurances only on specific controls.
This may be a valuable solution for small and medium size businesses that don’t have the resources to complete a full SOC report.
For example, if a customer is requesting assurances over specific security risks of a system or process, an AUP can be tailored to address those limited risks vs. attesting to the full SOC criteria.
We work with management to:
- Review the true needs of inquiries from customers or other stakeholders
- Define the controls needed to be tested
- Establish and execute an appropriate test plan for the controls
- Provide a report that can be delivered to those inquiring about the subject matter
This website uses cookies.
We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.