SOC Reports & Special Attestations

AAFCPAs is a best-value provider of System and Organization Controls (SOC) reports for organizations that must provide assurance about their systems to users.


Differentiate by demonstrating your strong controls.


Assure users that your controls satisfy the Trust Services Criteria.

SOC for Cybersecurity

Communicate your cybersecurity risk management program and the effectiveness of your controls.


Demonstrate to customers what you’re doing to meet HITRUST requirements.

Compliance Attestation

AT-C 205 Attestation Examinations and AT-C 315 Compliance Attestations

Other Attestations + Agreed Upon Procedures (AUP)

AUP and Attestations against subject matter

AAFCPAs is a premier provider of System and Organization Controls (SOC) reports for organizations that must provide assurance about their systems to users. AAFCPAs has a team of dedicated professionals with extensive experience advising a variety of service organizations. Our team members have a deep understanding of internal controls from a design, implementation and testing perspective.

Talk SOC

What Differentiates AAFCPAs’ SOC Practice

Obtaining a SOC report demonstrates that your organization has the proper controls in place to give your customers valuable peace of mind.

We advise clients on how to transition to the enhanced COSO 2013 Framework, and better manage elevated expectations regarding internal control processes. We have a proven method for producing SOC reports that results in both a report that is clear and concise, and which contains actionable feedback to help improve your internal control environment.

SOC Readiness to Expedite the Assessment

Often, businesses don’t know they need a SOC (System and Organization Control) report until a large prospect asks for it to proceed. These reports provide assurance to prospects or customers that their sensitive information will be protected if they do business with you.

In these cases, we are asked how quickly we can turn one of these around. AAFCPAs provides the following recommendations to expedite the SOC Report process>>

What Our Clients Say

Quotation MarkAAFCPAs is a true partner. They’re always there for us to help us grow and anticipate challenges or changes on the horizon. They’ve worked with us on all types of SOC reports [SOC 1 Type 1 and 2 plus SOC 2 Type 1 and 2] along with special attestations, process assessments, and SOC readiness. And they make audits clear and understandable. But more importantly, they give us context and guidance because they know us—perhaps even better than many of our own employees.

Michael Marotta
Governance, Risk, and Compliance Officer
Public Consulting Group LLC (PCG)

AICPA SOC Logo Certified Ethical Hacker - Cybersecurity AAFCPAs