SOC & Cybersecurity in Dallas, TX

Organizations that are service providers frequently need to produce reports that provide assurance related to financial reporting and IT controls; these reports are known as System and Organization Controls (SOC) reports. Vail & Park, P.C.’s experience in conducting these examinations has left us in a unique position to also guide organizations towards mitigating cybersecurity risk and improving overall cybersecurity posture. Contact us to schedule a free consultation for your business today!

Cyber attacks are growing in frequency and severity, particularly against small businesses. It is no longer a matter of whether a cybersecurity incident will happen, but when it will happen. To help establish whether your organization’s internal control environment for financial reporting and/or general IT controls is operating as effectively as it should or determine ways to increase your firm’s cybersecurity efforts, our team at Vail & Park, P.C. provides the following services:

SOC 1 ® – SOC for Service Organizations: ICFR

Users: Service organization management and specified parties, such as user entities of the system and business partners that interact with the system
Purpose: Provide specific users with information about controls related to financial reporting

SOC 2® – SOC for Service Organizations: Trust Services Criteria

Users: Service organization management and special parties such as user entities of the system and business partners that interact with the system.
Purpose: Provide specific users with information about controls related to security, availability, processing integrity, confidentiality or privacy.

SOC 3® – SOC for Service Organizations: Trust Services Criteria for General Use Report

Users: General users
Purpose: Provide information about controls related to security, availability, processing integrity, confidentiality or privacy.

SOC for Supply Chain

Users: Entity management, directors, investors, business partners, and other stakeholders
Purpose: Provide information about controls for producing, manufacturing or distributing goods to better understand the cybersecurity risks in their supply chains

SOC for Cybersecurity

Users: Entity management, directors, investors, business partners, and other stakeholders
Purpose: Provide information about the effectiveness of the entity’s Cybersecurity Risk Management Program

Cybersecurity Consulting

The purpose of this exercise is to assess your organization’s current cybersecurity posture, determine the strategic implementations required to improve the firm’s cybersecurity efforts, and work with your organization to develop the following documents:

  • System Security Plan (SSP)
  • Incident Response Plan (IRP)
  • Acceptable-Use Policy (AUP)
  • Plan of Actions and Milestones (PoAM)