Upon implementation of the framework, it is a demonstration of internal control over financial reporting (ICFR). We have a 6-phase Methodology, to help you achieve successful SOC 1 compliance.
Service Organization Controls (SOC 1) is aimed at assuring a user entity that there are adequate Internal controls over financial reporting (IFCR).
This phase involves determining key business objectives, from user entity, as well as of the service organisation.
This phase involves performing gap analysis of the above listed objectives on one hand, and the applicable SOC 1 controls and risks, on the other. We provide solution for all identified gaps.
This phase involves our methodology that involves distribution of risks, and control responsibility to internal stakeholders. This also includes nomination of key roles such as risk officer – who will drive the ongoing compliance.
This phase involves tracking the client risks, documentation and self-compliance on a weekly basis till all internal controls are adequately implemented.
This phase involves measuring internal control changes on a scale of 0-100%. This gives assurance to internal stakeholders that the processes implemented are adequate (or at risk). If there are deviations or risks identified, they are treated.
Internal audit followed by a formal review of the program gives organisation an independent perspective, and enables them to be ready for final attestation.
Attestation standard used by global professional accountants to attest SOC 1 controls.
Attestation standard used by US based CPAs to attest SOC 1.