SOC 1 Audits are specific to your controls that directly impact your customers’ financial reporting. This includes your general business and IT controls. Typically you would need a SOC 1 audit if your customer’s financial statements are being audited. Their auditors are responsible for understanding your client’s internal controls over financial reporting, including the internal controls of any service provider that provides a service that has a material impact on their financial reporting.
SOC 1 reports fall under the AICPA’s Statements of Attestation Standards 18 (SSAE 18). The control objectives will be determined by you with our assistance. We will discuss what control objectives (both business and IT related) will be important to your clients and their financial statement auditors. We will then work to align what controls you have in place to solve for those objectives.