Service organizations that provide financial transaction processing and reporting or services to publicly traded companies or companies in regulated industries can be considered part of their customers' financial controls by their customers and their customers' auditors. These service organizations can find themselves being either requested or contractually required to provide their customer service organization (SOC 1) reporting under the AICPA's Statement of Standards for Attestation Examinations No. 18 (SSAE18). Effective after May 1, 2017, SSAE 18 is the successor to the Statement of Standards for Attestation Examinations No. 16 (SSAE 16) and the SAS 70 audit.
MHM helps third-party service organizations by providing assurance reporting about the controls that directly and indirectly affect their customers' financial transaction processing and reporting. Our type 1 and 2 Service Organization Control (SOC) 1 reports evaluate, test and opine on whether these controls are suitably designed and fairly represented to the readers of the report and that the controls are operating effectively.
We work closely with service organizations to assist you in meeting requests from customers for reporting under the SSAE 18. Prior to an initial examination, our professionals assist you in understanding, evaluating and addressing how your controls should be designed, operated and described in a report to be considered suitable, fairly presented and effective.
Assistance on Which You Can Rely
We draw from our national pool of resources and technical expertise to evaluate your control environment, helping you to identify where your systems could be strengthened or improved. Our team undergoes regular training and monitors developments that could have an impact on the way service organizations manage their processes. The result is high-quality service that helps you and your customers manage their risks.