Compliance Services

SOC 1 Reports Your Clients' Auditors Will Trust

When your clients' auditors request an SSAE 18 report, give them one from a firm enrolled in AICPA peer review with dual US-Swiss credibility. Type I and Type II reports delivered in 3–5 weeks.

What Is a SOC 1 Audit?

A SOC 1 audit examines the internal controls at a service organization that are relevant to their user entities' financial reporting. Formerly known as SAS 70, these reports are now issued under SSAE 18 (US) and ISAE 3402 (international) standards.

SOC 1 reports are essential for payroll processors, financial services firms, data centers, and any service organization whose operations impact client financial statements. They provide the assurance that external auditors and regulators require.

Auditsuisse is a US CPA firm enrolled in AICPA peer review with Swiss operations, giving our SOC 1 reports the credibility needed by both US and international stakeholders. We deliver Type I and Type II reports with the efficiency and precision that service organizations demand.

Key Facts

Standards

SSAE 18 (US) / ISAE 3402 (Intl)

Issued By

Licensed US CPA Firm (Enrolled in AICPA Peer Review)

Timeline

Type I: 3–5 weeks · Type II: 6–12 weeks

Jurisdiction

US & Swiss dual-headquartered

Best For

Payroll, Financial Services, Data Centers

What's Included

Comprehensive SOC 1 Engagement

Control Environment Review

Thorough assessment of your internal control environment, including IT general controls and business process controls relevant to financial reporting.

Control Objective Testing

Detailed testing of each control objective and related controls to verify they are suitably designed and operating effectively.

Formal SOC 1 Report

Type I or Type II report issued under SSAE 18 standards by our licensed US CPA firm, with ISAE 3402 dual-reporting available.

Management Assertions

Guidance on preparing accurate management assertions and system descriptions that meet AICPA requirements.

User Entity Considerations

Clear documentation of complementary user entity controls (CUECs) to support your clients' own audit requirements.

Subservice Organization Guidance

Expert advice on the inclusive vs. carve-out method for subservice organizations within your control environment.

Our Process

From Planning to Report Delivery

Scoping

Define control objectives, identify in-scope systems, and establish the examination period and report type.

Preparation

Review system descriptions, assess control design, and identify any gaps requiring remediation before fieldwork.

Examination

Perform detailed testing of controls through inquiry, observation, inspection, and re-performance procedures.

Reporting

Issue the final SOC 1 report with our CPA firm's opinion, management letter, and recommendations for ongoing compliance.

Get Started

Get Your SOC 1 Timeline

Enrolled in AICPA peer review, our team delivers SOC 1 reports that satisfy auditors and regulators across jurisdictions.

Request SOC 1 Consultation View Case Studies →