Assurance Services

SSAE 18 / SOC Audit Services

Today’s businesses commonly outsource certain functions, such as financial-transaction processing, payroll processing and software services. This practice enables businesses to stay agile while enhancing their bottom line.

Annual System and Organization Controls (SOC) assessments present a comprehensive, in-depth analysis of your controls. If you are an outsourced service provider, our SSAE 18/ SOC audit reports can help demonstrate reliability of your services to your customers.

We can help distinguish you from competition by preparing three types of SOC reports:

SOC 1 is a comprehensive analysis and examination of business processes and information technology controls that are relevant to the user entity’s internal control over financial reporting. This analysis may be required to demonstrate compliance with laws and regulations.

SOC 2 is a report on controls at a service organization relevant to security, availability, processing integrity, confidentiality, or privacy. It assures your customers that you are meeting all contract-compliance requirements, service-level agreements, security and applicable nonfinancial regulations.

SOC 3 is a summary report that covers the same scope as SOC 2, but without presentation of detailed test results. SOC 3 reports are often intended for marketing and general public consumption and may be posted on a company’s website.

Main Contacts

Main Contacts


Su Wah
CPA/CITP – Partner


Michael A. Till
CPA – Partner