Skip to content Skip to footer

Loading Results

Building trust through controls reporting: SOC2

The need for greater trust and transparency

From global corporates and government departments, to private businesses and indeed service providers themselves, many organisations today face pressure to provide greater transparency regarding their operations. The potential reputational risks arising from not doing so, both for service providers themselves but also their customers, can be significant. 

Introducing SOC 2 reporting

A Service Organisation Controls (SOC) report provides an independent view focusing on a business’s non-financial reporting controls relevant to the Trust Services Principles (TSP). The scope of a report can include those principles relevant to the subject matter of the report, but must include all criteria within each selected Trust Principle. This therefore provides a consistent and internationally recognised framework to assess the effectiveness of an entity’s operational and compliance controls. 


Playback of this video is blocked because of your cookie preferences.

You can change your settings on the Cookies information page: you need to accept Advertising cookies to see this YouTube video.

"The newly revised AICPA trust services criteria now go further to meet stakeholders needs. Structural revisions have been made to align with COSO's principles of internal control, and criteria added to address cyber security risks. We’re currently examining the updated framework to understand the impact on SOC 2 reporting going forward.”

Benefits of SOC 2 reporting

For customers of service providers

  • Allows for a single deliverable to address the demands of your customers for increased transparency into your operations
  • Helps your customers manage the risks involved with outsourcing key functions

For service providers

  • Builds trust and transparency with your customer base
  • Strengthens your position as a competitive service provider

Our approach

Establish the scope

Selecting the relevant trust principles to provide the necessary level of transparency to your clients

Readiness assessment

Identifying areas for improvement in the design effectiveness of your controls

Controls remediation

Using our recommendations to improve effectiveness of controls, manage the implementation of the changes

Validation and reporting

Testing your controls and issuing a report including independent assurance, that can be shared with potential and existing customers

Contact us

David  Woerndl

David Woerndl

Global SWIFT CSP Lead, PwC United Kingdom

Tel: +44 (0)7809 756281

Tim Clough

Tim Clough

Partner, Assurance, PwC United Kingdom

Tel: +44 (0)7483 378386

Krishna Iyer

Krishna Iyer

Director, Stakeholder Assurance, PwC United Kingdom

Tel: +44 (0)7841 566415

Follow us