CPAs Outsource SOC 1 Audits

Financial audits may need to include SOC 1 Type 2 audits of any service organizations involved.


  • User financial auditors have the option of outsourcing SOC 1 audits
  • SOC 1 audits in support of user auditors auditing accounting data increases assurances of reliable financial status.

CPAs performing financial statement audits have the option to outsource a SOC 1 audit of their client’s information technology data controls to provide their client with a higher level of confidence in the financial report. As more companies begin to comply with new AICPA standards for auditing information technology systems, it will become necessary for them to require SOC 1 Type 2 audits of IT systems as validation of the accuracy of the accounting data used in their financial statements and compliance with the new control standards. Users of information technology that can provide assurances to their customers and other service organizations today are being sought out by others that have been certified.

The auditing team at Integrated Accounting Services LLC provides SOC 1 reports for CPA  firms to assist auditors in providing assurances to their clients that their reports are based on validated data.  The team leaders are CPA.CITP  approved with experience in both accounting audits and IT systems audits.

The team also performs SOC 2 audits and issues SOC 3 certificates of compliance for financial institutions, service organizations and others using systems when security, availability, processing integrity, confidentiality  and privacy are required.

To provide a professional solution for these new standards the team at Integrated Accounting Services (IAS) performs audits for service organizations and their clients during the same testing period where possible.  IAS’s integrated approach to auditing both the service organization and its clients provides increased security, integrity and privacy for all systems. Timely coordinated reports and periodic follow-ups are part of the integrated approach to qualifying service organizations and their user entities and reporting the higher level of assurance to responsible parties.

This article is provided by Integrated Accounting Services for those seeking clarification of IT system and control requirements. Please contact us if you need an assessment of your system and to determine whether you need a SOC 1 or a SOC  2 audit to assure clients of your compliance with new standards.

Go back to top