Accountant working on a SOC Report on a laptop.

System & Organization Controls (SOC) Reports

Give Clients Peace of Mind About Your Controls with SOC Reports

Whether you're preparing your first System and Organization Controls (SOC) report or concerned your existing report isn't satisfying user needs, BKD’s IT Risk Services team is here to assist you. Our experienced advisors have been helping service organizations refine their processes and enhance controls for more than 15 years. Users expect assurances in today's outsourced, remote business environment, and boilerplate reports are no longer acceptable given the risks associated with service providers.

BKD provides SOC Readiness, SOC 1, SOC 2 and SOC 3 engagements to help organizations assess the design and operating effectiveness of their controls. We can also assist with SOC for Cybersecurity, a voluntary reporting framework that can help communicate relevant information about your risk management program and its effectiveness.

Effects of Changes in Attest Standards on SOC 1 Examinations

In 2017, the American Institute of CPAs issued SSAE 18, replacing SSAE 16 as the standard underlying SOC reports. SSAE 18 contains significant changes to management’s responsibilities for SOC 1 reports and also provides clarification and guidance for service auditors. This article covers changes to SOC 1 audit standards caused by SSAE 18 and their effect on service organization management. We're well versed in the similarities and differences between the two standards and are ready to assist with your needs.

How can we help you?

BKD Ben Trusted Advisor with Clipboard


We have 40 offices in 18 states, with trusted advisors who offer solutions for clients across the country.

Browse locations