Skip to Content
Image of two people talking
Case Study

SOC 2 report and ISO compliance for global firm

June 1, 2022 / 1 min read

Global advisory firm strengthens security measures and improves security posture, improving client confidence and increasing business.

The client 

A privately held, global business advisory firm. 
 

The challenge 

With a growing concern over constant data breaches in the news that could potentially compromise clients’ confidential information, the client sought help with SOC 2 reports and ISO compliance certifications. Company leadership hoped to provide customer assurance and attest to its secure data measures. Although, its internal controls structure was sound, the client had never been audited by a third party. 
 

The solution 

The client engaged us based on our existing relationship providing audit and tax services and our expertise in cybersecurity. Our team conducted a readiness assessment to clearly map all internal controls and document them so they could be more easily monitored — a process that wasn’t in place previously. Through the assessment, we identified gaps and suggested ways to implement changes before starting the SOC 2 examination period. 
 

The benefit 

The advisory firm strengthened its security measures and improved its security posture. Most importantly, the firm improved client confidence in its data security. Since the firm’s potential clients specifically seek out companies with completed SOC 2 examinations, the security-related efforts have led to increased business. 
 
Though this engagement was initially scoped to include a small environment and assist with the client’s SOC 2 compliance, the client asked that we continue to rollout the process to their larger environment, and we’ve completed their SOC 2 reports for the past three years. We’ve also assisted them with the ISO 27001 audit process to successfully achieve certification. With our team’s extensive experience in SOC 2 compliance and our certified ISO 27001 lead auditor expertise, we provided both audits efficiently, saving the company additional time and money.

Related Thinking

Three business professionals having a conversation at a circular table while sitting down
December 20, 2024

Navigating M&A purchase price adjustments: Tips for reducing risk

Article 6 min read
Business professionals in a conference room discussing FFIEC CAT sunset
December 16, 2024

FFIEC CAT sunset: Considerations for choosing a new cybersecurity framework

Article 6 min read
Two business professionals holding a notepad and discussing with one another
December 16, 2024

Value creation: The upside of extended holding periods

Article 5 min read