The Value of a Readiness Assessment

February 16, 2015

Readiness Assessments are designed to assist service organizations in assessing their preparedness for different compliance reports, such as SOC 1 and SOC 2 examinations.

 Unlike a service audit which has the objective of reporting on existing controls, readiness assessments are designed to identify those controls that should be implemented or improved prior to an actual audit or gaps within the current control environment.

The Top 5 Values of a Readiness Assessment

  1. Auditor gains an understanding of the client environment in advance of the review
  2. Client management gains comfort with the audit team and the review process
  3. Low stress and candid discussions pertaining to the controls implemented, and the gaps identified
  4. Opportunity to review the assessed gaps and implement controls
  5. Clients can leverage the experience of the service auditor when beginning the preparation of the description of services, or report narrative.

Remember....

Ask questions
Utilize the knowledge and experience of the auditor to gain comfort and understanding of the review process.

Pull back the curtain
This is the time when nothing should be held back, especially in areas where the client might feel there are insufficient controls. One of the core objectives of the readiness assessment is to identify areas for improvement so that gaps are closed prior to the examination.

Previous Article
SOC 2: Overview
SOC 2: Overview

What is a SOC 2 examination? How is it different than a SOC 1 examination?

Next Article
SOC Reports: The Difference between Type 1 and Type 2?
SOC Reports: The Difference between Type 1 and Type 2?

There are two types of SOC 1 reports. The service organization is responsible for specifying whether or not...



Risk Assessment Requirements For SOC

Webinar on August 17th @ 1pm EDT

REGISTER