Service Organization Control (SOC) reports for the time period between October 31, 2107 and September 30, 2018 are now available for interested clients. SOC reports act as an attest standard to provide clear evidence to Expedient clients that a third-party has verified that our business processes are being followed.
All our current SOC reports are considered to be “Type II,” which means that they look at a historical time period and that the external auditors have examined evidence that allows them to confidently attest to the fact that we have operated our systems in the manner that we’re representing. Expedient offers multiple SOC reports that serve as third-party attestations of our operating excellence that complement our clients’ industry and government mandated compliance initiatives:
- SOC 1 (aka Statement on Standards for Attestation Engagements (SSAE-18)) – applies to our internal control over financial reporting and is used by customers undergoing financial statement audits and those who require compliance with the Sarbanes-Oxley Act or similar regulations (requires signed mutual non-disclosure agreement)
- SOC 2 + HITRUST – applies the principles of Availability, Security, and Confidentiality and is used by clients who require confidence in the critical business processes and procedures to complement compliance with industry or government regulation, and now includes the HITRUST CSF for HIPAA attestation (requires signed mutual non-disclosure agreement)
- SOC 3 – applies a summary format for use by prospective or current clients as a general overview related to certain processes and procedures (downloadable from our web site)
To request this latest SOC report, contact your Expedient Client Advisor or Account Executive. Click here to learn more about our approach to supporting the compliance needs of our clients.