Skip to Content

SOC 2 report and ISO compliance for global firm

June 1, 2022 Case Study 1 min read
Global advisory firm strengthens security measures and improves security posture, improving client confidence and increasing business.

 Image of two people talking

The client 

A privately held, global business advisory firm. 

The challenge 

With a growing concern over constant data breaches in the news that could potentially compromise clients’ confidential information, the client sought help with SOC 2 reports and ISO compliance certifications. Company leadership hoped to provide customer assurance and attest to its secure data measures. Although, its internal controls structure was sound, the client had never been audited by a third party. 

The solution 

The client engaged us based on our existing relationship providing audit and tax services and our expertise in cybersecurity. Our team conducted a readiness assessment to clearly map all internal controls and document them so they could be more easily monitored — a process that wasn’t in place previously. Through the assessment, we identified gaps and suggested ways to implement changes before starting the SOC 2 examination period. 

The benefit 

The advisory firm strengthened its security measures and improved its security posture. Most importantly, the firm improved client confidence in its data security. Since the firm’s potential clients specifically seek out companies with completed SOC 2 examinations, the security-related efforts have led to increased business. 
Though this engagement was initially scoped to include a small environment and assist with the client’s SOC 2 compliance, the client asked that we continue to rollout the process to their larger environment, and we’ve completed their SOC 2 reports for the past three years. We’ve also assisted them with the ISO 27001 audit process to successfully achieve certification. With our team’s extensive experience in SOC 2 compliance and our certified ISO 27001 lead auditor expertise, we provided both audits efficiently, saving the company additional time and money.

Related Thinking

A business professional working on a laptop at their desk
December 7, 2023

Cybersecurity insurance: Once optional, now essential

In The News 2 min read
Business professional discussing the future of automation during a CPE-eligible webinar.
Nov. 28, 2023

Maximizing your use of the Plex supplier portal

Webinar 1 hour watch
Three business professionals in a conference room assessing their Microsoft 365 cybersecurity protection
November 15, 2023

Assess your Microsoft 365 cybersecurity protection

Assessment 1 min read