By Charles on Sunday, 06 October 2019
Category: Uncategorized

SOC 2 Type 1 Guidelines for Texas Service Organizations (Austin, Dallas, Houston)

The SOC 2 Type 1 guidelines, which have been published by the American Institute of Certified Public Accountants (AICPA), consist of the AT 101 professional standard, along with the inclusion of the following five (5) Trust Services Principles (TSP):

The Importance of a SOC 2 Scoping & Readiness Assessment

Want to save time, money, while reducing cost overruns and headaches when it comes to SOC 2 compliance? If so, and we’re sure you do, then begin the process with a much-needed SOC 2 scoping & readiness assessment. Benefits of such an assessment include the following:

Additional points worth noting about NDB's industry leading SOC 2 Type 1 guidelines are the following:

Other Important Considerations for SOC 2 Type 1 Reports

Policies and Procedures are Key to Compliance: That’s right, having well-written information security policies and procedures are a big part of becoming – and staying – SOC 2 compliant. In fact, many Texas businesses quickly find that developing such documentation is often the most time-consuming and taxing aspect of the entire audit!

For that reason alone, we offer industry leading InfoSec policy templates for helping Texas businesses save thousands of dollars and dozens of operational hours on critical policy development.  It’s just another reason why so many firms in Texas look to NDB for SOC 2 audit guidance and expertise.

Operational Measures Need to be Implemented: When we speak about operational measures, we’re talking about much more than just authoring policies and procedures. Specifically, “operational measures” include the following:

This requires some heavy lifting and getting management on board for investing in security tools and solutions, along with spending time in implementing these measures. NDB can assist in all aspects of what we call “operational measures”. Call NDB today at 512-522-4943 (Austin), 214-272-0967 (Dallas), or at 713-331-5492 (Houston) to learn more about NDB’s SOC 2 services, or email us at This email address is being protected from spambots. You need JavaScript enabled to view it. to discuss your compliance needs.

Continued Compliance is the Norm: Auditors generally show up at your location once a year for anywhere from a few days to a week. With that said, it’s your responsibility to ensure your control environment is functioning as designed. Specifically, it means monitoring controls on a regularly scheduled basis – your policies, procedures, and processes – and reporting upstream to management the results of monitoring. 

Remember that an annual SOC 2 audit (either a Type 1 or a Type 2) is really only intended to evaluate – and hopefully validate – that a service organization’s controls are functioning as designed. The other 11.5 months of the year is up to you – the service organization – for keeping your control environment in tip-top shape. 

What does “Continued Compliance” really mean? It’s about having personnel assigned to the role of monitoring, enforcing, and making changes to one’s control environment (i.e., an organization’s policies, procedures, and processes) as needed. The more proactive an organization is, the stronger their internal controls become, and the higher the likelihood of having a successful, clean SOC 2 audit each year.

Texas’ Leading Provider of SOC 2 Audits – Fixed Fees & Superior Service

NDB is a leading provider of SOC 2 audits for service organizations all throughout the Lone Star State – including Austin, Dallas, Houston, San Antonio, and beyond.  Call NDB today at 512-522-4943 (Austin), 214-272-0967 (Dallas), or at 713-331-5492 (Houston) to learn more about NDB’s SOC 2 services, or email us at This email address is being protected from spambots. You need JavaScript enabled to view it. to discuss your compliance needs.