SourcetekIT's SOC Attestation Service is a consulting and audit preparation service that guides service organizations through the process of obtaining a System and Organization Control (SOC) report. The service follows a two-step process: first, SourcetekIT analyzes the organization's existing practices around financial information and data integrity, identifying gaps and helping improve internal controls; second, the organization is connected with a Certified Public Accountant (CPA) who conducts an independent audit and issues an official SOC report. The service covers three report types: - SOC 1: Focused on internal controls over financial reporting (e.g., payroll processing, employee benefits, loan servicing), intended for user organizations, management, clients, and auditors. - SOC 2: Addresses information security controls across five Trust Services Categories — Security, Availability, Processing Integrity, Confidentiality, and Privacy — demonstrating a mature information security program. - SOC 3: A condensed version of the SOC 2 report suitable for public use in marketing and promotional materials. Audits are conducted in accordance with SSAE 18 Audit Standards. SourcetekIT also offers SOC consulting and readiness assessments, helping organizations identify applicable risks and controls prior to formal audit engagement. Reports are customized to meet the specific needs of the organization.