PROCESS

Pre-Engagement Meeting

Step 1 of 8

  • Discuss project goals, scope, requirements, timeline, and expectations
  • Provide an overview of the process and optional approaches to get audit-ready
  • Answer any questions
  • Provide a fair fee quote

Develop a Project Plan

Step 2 of 8

By asking the right questions and providing insight regarding the various options and typical roadblocks we see clients encounter, we can develop an actionable plan that will save you time, money, and frustration on your journey to SOC compliance.

Readiness Assessment

Step 3 of 8

The Readiness Assessment will provide you with a customized set of controls designed to meet the SOC requirements and simplify the gap remediation process. The controls will also be mapped to a list of evidential items that will be necessary to demonstrate the controls are in place.

Gap Remediation

Step 4 of 8

We will work with you to develop a plan to get audit-ready in the most efficient way possible. We'll create deliverables and templates to cut down your documentation requirements, saving you significant qualified resource time and getting you audit-ready fast.

Pre-Audit Assessment

Step 5 of 8

Serve as coordination with your audit firm, fieldwork preparation prior to the service auditor walkthrough, creation of the internal documents to ensure you are audit-ready.

Audit Examination

Step 6 of 8

We will perform the readiness testing in an efficient manner that minimizes business disruption.

Audit Report

Step 7 of 8

We will provide you with a final report for you, your service organization's board, and user entities. We can help facilitate next steps.

Ongoing Audit Success

Step 8 of 8

  • We will build sustainable compliance programs for a successful future audit cycle
  • We provide document retention tools
  • Control owner assignment tracking
  • Continuous compliance monitoring
  • Annual readiness & remediation tools needed for ongoing compliance requirements and preparation for next year's audit plan

SOC Clients we work with

AREAS OF EXAMINATION

The scope and related criteria (Trust Services Criteria) developed by the AICPA are used by CPA practitioners in the performance of SOC 2 engagements.

Book a Call
The system is protected against unauthorized physical and logical access.
The system is available for operation and use as committed or agreed.
System processing is complete, accurate, timely, and authorized.
Information designated as confidential is protected as committed or agreed.
Personal information is collected, used, retained, disclosed, and disposed in conformity with commitments in the organization's privacy notice and with criteria set forth in generally accepted privacy principles.

The mission is to provide a better path on every SOC audit outcome — in less time and for less money.

Menu

Services

Get In Touch

© Copyright DES-CPA, LLC 2025