Learn more at While SOC 1 Type I audit engagements evaluate a service organization’s internal controls that could impact their user organizations’ internal control over financial reporting (ICFR) at a specific point in time, a SOC 1 Type II audit evaluates a service organization’s internal controls that could impact their user organizations’ internal control over financial reporting (ICFR) over a period usually between six to twelve months. So, how do go about choosing your audit period? There are a few things you need to know.
One of the first steps that organization’s must take when pursuing SOC 1 Type II compliance is choosing their audit period. When choosing your audit period, you’ll pick a period of time from the past as auditors cannot make statements about what would happen in the future. Once you’ve determined the length of your audit period, your auditor will review the effectiveness of your organization’s internal controls during that time period.
Stay Connected
Twitter:
LinkedIn:
Facebook:
More Free Resources
Blog:
Webinars:
Videos:
White Papers:
About Us
KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to clients in more than 48 states, Canada, Asia, and Europe. The firm has over 13 years of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and internal controls. KirkpatrickPrice most commonly provides advice on SOC 1, SOC 2, PCI DSS, HIPAA, HITRUST CSF, GDPR, ISO 27001, FISMA, and CFPB frameworks.
For more about KirkpatrickPrice:
Contact us today: 800-770-2701
0 Comments