SOC Examinations

To compete in today’s marketplace, your customers must have trust and confidence in your environment. Providing SOC reports on an annual basis can deliver an additional level of assurance to your clients.

How to Maximize your SOC Report

SOC reports don’t have to be "routine"—maximize your report's value using the SHARPE method. Schellman Director Rob Tylka provides an overview

Read Article
52:52

SOC for Supply Chain

Watch Video
EnergyTech Insights (Part 2): Cybersecurity Risk Management in the Energy Services World

In Part 2 of our EnergyTech series, Schellman's Grayson Taylor discusses the proactive approaches energy services entities (ESEs) are taking to manage cybersecurity risk and data protection.

Read Article
Cue Internal Audit – Stage Right

The secret to a flawless, stress-free SOC examination experience? Utilizing your company's internal audit team. Schellman's Edward Delgado provides an overview of this invaluable resource.

Read Article
2:54

SOC for Supply Chain

Watch Video
COVID-19 and SSAE 18

Read Flipbook
COVID-19 and SSAE 18: What Does This Mean for Your SOC Preparedness

Hopefully this writing finds you well and adjusting to perhaps the most serious health-related situation in many a lifetime. Perhaps it may find you contemplating preparedness in specific ways.

Read Article
53:04

SOC 2 and ISO 27001: Compliance in Harmony

View the Webinar
53:49

Risk Assessment Requirements for SOC Reporting

Watch Video
52:00

SOCratic Method: SOC 1, SOC 2, and SOC 3

Watch Video
3:20

SOC 2: Should I Merge?

A Buck For Your Thoughts - Episode 002

Watch Video
Utilizing SOC Examinations to Help with Vendor Management

You most likely selected the link to this blog to discover one of two things: 1) how to effectively manage vendor requirements via SOC reports or 2) what the SOC 1/SOC 2 examination...

Read Article
SOC 3 Overview

Read Flipbook
SOC 2 Overview

Read Flipbook
SOC 1 Overview

Read Flipbook
Clearing Up The Confusion - Type 1 vs Type 2 and the Value Proposition

It may come as a bit of a surprise—maybe not—but there are actually two types of SOC reports. Upon examination, the service organization is responsible for specifying whether or not a...

Read Article
1:00:55

SSAE 18 and Other Famous Acronyms - Encore

As SSAE No. 18 is now effective as of May 1st, organizations and their customers will have uncertainty in what the new standard means and how it will affect their SOC 1 reports.

Watch Video
SOC 2 But Not SOC 2+HITRUST?

Can my organization successfully complete a SOC 2 but still not successfully complete a SOC 2 + HITRUST?

Read Article
Not A Game of Eeny, Meeny, Miny, Moe: Do Data Centers Need a SOC 1 or SOC 2?

The first question many service organizations have when they begin the process of researching Service Organization Control (SOC) reports is: which SOC report(s) do they need? The American...

Read Article
WEBINAR: SOC 2 and You: Overview and Update

Increasing concerns regarding information security have heightened scrutiny of service organizations’ control infrastructure and driven demand for attestation reports. As a result, the SOC 2...

Read Article
Loading More...

SOC Examinations

How to Maximize your SOC Report

SOC reports don’t have to be "routine"—maximize your report's value using the SHARPE method. Schellman Director Rob Tylka provides an overview

SOC for Supply Chain

EnergyTech Insights (Part 2): Cybersecurity Risk Management in the Energy Services World

In Part 2 of our EnergyTech series, Schellman's Grayson Taylor discusses the proactive approaches energy services entities (ESEs) are taking to manage cybersecurity risk and data protection.

Cue Internal Audit – Stage Right

The secret to a flawless, stress-free SOC examination experience? Utilizing your company's internal audit team. Schellman's Edward Delgado provides an overview of this invaluable resource.

SOC for Supply Chain

COVID-19 and SSAE 18

COVID-19 and SSAE 18: What Does This Mean for Your SOC Preparedness

Hopefully this writing finds you well and adjusting to perhaps the most serious health-related situation in many a lifetime. Perhaps it may find you contemplating preparedness in specific ways.

SOC 2 and ISO 27001: Compliance in Harmony

Risk Assessment Requirements for SOC Reporting

SOCratic Method: SOC 1, SOC 2, and SOC 3

SOC 2: Should I Merge?

A Buck For Your Thoughts - Episode 002

Utilizing SOC Examinations to Help with Vendor Management

You most likely selected the link to this blog to discover one of two things: 1) how to effectively manage vendor requirements via SOC reports or 2) what the SOC 1/SOC 2 examination...

SOC 3 Overview

SOC 2 Overview

SOC 1 Overview

Clearing Up The Confusion - Type 1 vs Type 2 and the Value Proposition

It may come as a bit of a surprise—maybe not—but there are actually two types of SOC reports. Upon examination, the service organization is responsible for specifying whether or not a...

SSAE 18 and Other Famous Acronyms - Encore

As SSAE No. 18 is now effective as of May 1st, organizations and their customers will have uncertainty in what the new standard means and how it will affect their SOC 1 reports.

SOC 2 But Not SOC 2+HITRUST?

Can my organization successfully complete a SOC 2 but still not successfully complete a SOC 2 + HITRUST?

Not A Game of Eeny, Meeny, Miny, Moe: Do Data Centers Need a SOC 1 or SOC 2?

The first question many service organizations have when they begin the process of researching Service Organization Control (SOC) reports is: which SOC report(s) do they need? The American...

WEBINAR: SOC 2 and You: Overview and Update

Increasing concerns regarding information security have heightened scrutiny of service organizations’ control infrastructure and driven demand for attestation reports. As a result, the SOC 2...