IT Attestation

Attestation Services

Cybersecurity risks evolve at a staggering pace and insurers can find themselves facing liabilities associated with security breaches. The losses can be devastating in confidential, proprietary, and customer information as well as a public trust and corporate image. Passwords and firewalls are no longer enough. JLK Rosenberger can help insurers protect themselves with a comprehensive control system for managing cyber risk.

Agreed-Upon Procedures (AUP)

Often a business relationship or contractual agreement requires some type of audit-related service. AUPs can be used to evaluate specific controls when an appropriate SOC report is not available. The following is an overview of an AUP service:

  • Two or three-party arrangement among your business, a business partner, and the auditors
  • Specific procedures are designed and performed to meet the objectives of all parties
  • Typically a reporting of exceptions or no exceptions
  • Does not provide an opinion as to compliance
System Organization Control Reports

A SOC report provides organizations proof to vendors, customers, investors, or business partners that their service delivery and related IT components are safe, sound, and secure. The following is included in a SOC report:

  • Independent auditor’s opinion on the design and operation of controls
  • Internal controls of a service organization relevant to financial statements
  • Internal controls relevant to operations and compliance
  • Internal controls over cybersecurity risk management

Connect with Us

Need assistance with a SOC reporting or other IT Assurance issue, JLK Rosenberger can help. To learn more complete the form to the right and we will follow up with you promptly.