Performance Assurance - Building customer trust

A perspective on Service Organization Controls reporting options

Over the past several years, companies have been more aware of the importance of internal controls over third-party hosted systems, services and data.

The increasingly sophisticated cloud computing environment has introduced new risks and challenges for organizations. Any effective system of internal control must adapt to new challenges and changes. Today's business environment strains controls that were once sufficient.

This paper introduces a new breed of controls reporting options in place of the former Section 5970 and SAS 70 reports that provided customers with board coverage over their internal controls. It provides outsourced service providers and their customers with an understanding of the new Service Organization Controls (SOC) reports 1, 2 and 3 options, the ability to compare and contrast the options to assist with determining the best fit and suggested steps in scoping and delivering a SOC report.

Contact us

Tony Pedari
Tel: +1 416 941 8226

Peter Hargitai
Partner, Trust and Transparency Solutions Leader
Tel: +1 416 941 8464

Jennifer Johnson
Partner and National Leader, Risk Assurance Services
Tel: +1 416 947 8966