Providing accounting and auditing
services since 1954

A member of Kreston International | A global network of independent accounting firms

You are here:  Services  >  SOC Reports
Systems and Organization Control (SOC) Reports
from MHM under SSAE18 and Trust Services

Third-party service providers find themselves increasingly under the microscope. Several recent high-profile fraud and cybersecurity incidents could be traced back to weaknesses in a vendor's control environment. As a result, clients, their auditors and regulators are taking a closer look at providers' internal controls.

MHM helps vendors address the scrutiny through our full range of Systems and Organization Control (SOC) report services from SOC 1 under SSAE 18 and SOC 2 and SOC 3 under Trust Services and SOC for Cybersecurity under AICPA criteria. The independent assessments of the design, implementation and functioning of service organizations' internal controls provide information their clients can use for financial reporting and risk management.

SOC Services

SOC reports may come as part of a client's financial statement audit, but many vendors are electing to undergo SOC reports proactively to gain a competitive edge.

Whatever the source of the request, we leverage national resources and technical expertise to help you address it in a timely, cost-effective manner. We offer a full range of SOC report services, including:

  • SOC 1 Reports: We evaluate, test and opine on whether financial reporting controls are suitably designed and fairly represented as well as whether controls are operating effectively.
  • SOC 2 Reports: Our team looks into how your information technology controls over processes and people measure up to core SOC 2 trust principles of security, availability, processing, integrity, confidentiality and privacy.
  • SOC 3 Services: For organizations that do not use another service organization to provide services, we can provide high-level descriptions of your services and control structure.
  • SOC for Cybersecurity: We will examine a description of an entity’s cybersecurity risk management program and opine on whether the cybersecurity protocol description meets AICPA criteria. Our team will also examine whether cybersecurity controls effectively achieve commonly accepted control criteria.

Commitment to Quality

Our dedicated team of SOC professionals keeps up-to-date on the changes that could have an impact on you. We monitor trends and legislative developments and attend regular training, which has helped position MHM as a leader in the SSAE 18 arena.

In addition to being recognized as an industry leader on a national platform, we are dedicated to providing top quality SSAE 18 reviews or readiness services. Our team includes individuals who are accredited Certified Public Accountants (CPA), Certified Information System Auditors (CISA) and Certified Information Systems Security Professionals (CISSP).

Related Articles

AICPA Service Organization Control Reports

John Robichaud

John Robichaud

John Robichaud

Northeast Region
Email John»
Dan Klapheke

John Robichaud

Dan Klapheke

Southeast Region
Email Dan»
Michael Hannan

Michael Hannan

Michael Hannan

Midwest Region
Email Michael»

Gregg Landers

Gregg Landers

Gregg Landers

West Region
Email Gregg»

Share This Page


About MHM   |   Locations   |   Services   |   Industries   |   News   |   Resources   |   Our People   |   Contact

Home  |   Locations   |  Careers   |  Contact   |  Client Portal