Third party assurance – SOC 1, SOC 2 & ISAE 3402

Services Consulting Risk consulting

Third party assurance SOC 1, SOC 2 & ISAE 3402

Many companies are choosing to engage specialist third parties to provide services on an outsourced basis using skills or solutions that they do not have in-house.

There is a heightened focus on the need for effective oversight of the risks associated with outsourcing and our third-party assurance service line is designed to provide companies with such assurance.

Companies that specialise in managing outsourced processes are generally required to provide assurance to their clients in the form of a third-party assurance certification such as SOC 1, ISAE 3402 or SOC 2. Such assurance is often required in order to attract new customers or retain existing clients.

Mazars provide a full suite of third party assurance services to clients across the following third-party assurance standards:

SOC 1 and ISAE 3402

An assurance report that focuses on a service organization’s system of internal controls that are relevant to the internal controls over financial reporting

SOC 2 (and SOC 2+)

An assurance report that focuses on a business's non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and privacy of a system

SOC for Cybersecurity

An assurance report that focuses on an organisations' enterprise-wide cybersecurity risk management program.

Agreed Upon Procedures (AUP)

An audit on a specific test or business process

In relation to these standards we provide:

  • Planning services: assistance with scoping and preparing the documentation required for a third-party assurance audit
  • Readiness assessment: performance of testing to identify gaps between existing controls and those required to obtain an unqualified audit report.
  • Audit services: performance of a SOC 1, SOC 2, ISAE 3402, SOC for Cyber or AUP audit 

Got a question? Just get in touch

Join our mailing list

We have insights into developments that affect your business. We can provide you with unique perspectives and thoughtful solutions so you can meet new challenges and seize opportunities. Subscribe here

Risk consulting news

Data protection newsletter Issue 15

Mazars Data protection newsletter - Issue 15

It has been five years since the GDPR came fully into force. We now have a good idea of how data protection will be interpreted and should be applied. We also understand that it's always a moving target with internal organisation changes, external guidance, sanctions, and judgement needing to be understood and addressed.

Read more
Compliance officers in early-stage firms Mazars Ireland

Compliance officers in early-stage firms

In a recent article for The Irish Compliance Quarterly, Kian Caulwell, Partner, Head of Financial Services Consulting at Mazars and a member of the Compliance Institute’s Consumer Protection Working Group outlines the opportunities and challenges of being a compliance officer in an early-stage firm.

Read more

Contact

Related pages

4.2.4 Cybersecurity and data protection.jpg
Cyber security

Build technological resilience so you can operate with confidence

Read more
Governance - Mazars in Ireland
Governance

Helping you create a resilient framework and culture that keeps you a step ahead of uncertainty

Read more
4.2.8 Third party risk management and assurance.jpg
Third party risk management & assurance

Effective oversight and assurance for your extended enterprise

Read more
4.2.7 IT assurance and advisory.jpg
IT audit

Build trust with a robust approach to technology, processes and controls

Read more
4.2.5 Internal audit.jpg
Internal audit

Protect your strategic vision through a dynamic approach to internal audit

Read more