SOC 1 & SOC 2 Preparation Checklist
I’ve been hearing from various people in the marketplace that they were interested in learning about some steps, at a high level, that they need to take to get off the ground and on their way to completing their SOC 1/2 Report Type I or Type II. So, I will give you all a breakdown of some of the things organizations should be doing now, and some things to think about down the line as you progress. This SOC Reporting Checklist is geared towards service organizations whom have never undergone a SAS 70, SSAE 16, etc. in the past and will be taking up the task this coming year. A more detailed version geared towards companies that have some experience being audited will be coming down the line. Do your research. You have already come across our site, so you have begun the process of researching SSAE 16 and the responsibilities that come with performing one. I would continue to search for SAS 70 related information as well, as most of that knowledge is applicable. Find a few CPA firms who perform over 75 SOC Reports annually. You will want to research a number of firms that could perform and sign off on your SOC Report, which, only CPA firms are permitted to do. This process should be handled with the utmost care as you are putting a lot of trust into the company you choose, they can make or break you. Some things to consider: 1. The size of your
