As companies increasingly use outside service organizations to perform activities that are core to their business operations and strategy, the need grows for more trust and transparency into the vendors’ operations, processes and results.
Customers need assurance that service organizations can perform as advertised, deliver what they’ve promised, and continue hitting the mark, year in and year out. They want service organizations to provide assurance over a range of general and industry-specific concerns, including financial reporting controls, data security and privacy, regulatory compliance, availability, processing integrity and confidentiality.
But with reporting guidelines in a seemingly constant state of flux, service organizations may find themselves stymied, unable to provide the assurance their customers need or unable to report and verify their assurances.
Enter PwC. We offer a range of service organization controls reporting—but we also take things to the next level.
We begin by understanding our clients, their stakeholders and customers, and their specific attestation needs. Then we tailor a solution by staffing the engagement with individuals who possess insightful and relevant industry knowledge and deep experience in delivering service organization controls reports.
The result is a brand-enhancing moment. By delivering an independent, tailored, and customized attestation, PwC makes it possible for service organizations to approach both existing and prospective customers with confidence, and to convey the trust and transparency that those customers expect and need.
PwC is a trusted provider to service organizations.
A large storage and information management company, responsible for storing, protecting, and managing its customers’ information was routinely asked by customers to complete vendor questionnaires and agree to on-site audits. As a result, the company was spending a considerable amount of time, money, and resources responding to these requests.
What we did:
PwC was brought in to perform a SOC 2+ readiness assessment. Together with the information management company, PwC analyzed and reconciled the multiple vendor requests and incorporated relevant Trust Services principles to build a custom SOC 2+ report.
The SOC 2+ assessment and report provided benefits to both the customer and vendor. The information management company was able to eliminate the vendor questionnaire process and their customers no longer requested on-site audits. Through this solution, both the customer and vendor will save considerable time, money, and resources.