Robert Ramsay – CPA, CISA, CITP, HITRUST CCSFP
Bryan Gayhart – CPA, CISA, HITRUST CCSFP
Hey, thanks for joining us for another one of our SOC videos. We’re going to start a series we call DIY. So helping those who for the first time are doing a SOC report can do some of it yourself, the DIY part. You can’t do the whole thing yourself. It’s an independent audit and so you need a third party auditor, but the readiness assessment, which a lot of especially smaller organizations can use help with, we thought we could give some advice through a video to help those who are working on them.
And so we have a number of topics we’re going to cover, and we’re going to break them up into separate videos. At Barnes Dennig, we do a lot of SOC reporting. Some for really large companies and some for small startups. And we thought this DIY series would be especially useful for the smaller startups because if one person is involved and knows the whole operations, they can cover a good bit of this on their own, and they often want to save money. And one way to save money is doing some of the readiness and preparation before you bring in an accounting firm.
What if I’m strapped for resources though and I want to outsource the whole process, that whole readiness? What if I need extra help preparing to get ready for my first SOC report?
Yeah, that’s a good question, Bryan. We’re not saying that this is a requirement or anything. We’re just trying to make this available because we thought if we were in your shoes, we might have appreciated some of this. But if a company says, “Look, we’re slammed. We’ve got day jobs. You’re the expert. You help us,” that’s what we call a readiness assessment.
And we will come in, help draft your report, help go through all the things we’re going to talk about in this DIY series, the different kinds of criteria and disclosure items. We can help you with that. But if you’ve got a person on staff that wants to start and you’re a DIY kind of person, then maybe these will be for you.