FAQ: We have a small company, how do we segregate Board of Directors from Management, and then, also the Internal Audit function?

FAQ: We have a small company, how do we segregate Board of Directors from Management, and then, also the Internal Audit function?

Depending on the size of your Company, you could look to another small business owner in a similar situation or trusted advisor to sit on each others board’s and create the necessary segregation. As always, consult with your auditor before taking any structural changes.

Additional FAQs

How long does a SOC 1 take to complete?

This depends on how prepared and how many resources an Organization has to dedicate to the project. The first time through, usually a readiness assessment would be performed, and then

Are Representation Letters Required in SSAE 18?

Previously in SSAE-16 a Management Representation Letter was highly recommended and common practice, however, they were not explicitly required to be obtained except in certain existing subject matter sections. This

How often is a SOC 2 audit required?

SOC 2 Type II audits should be performed annually, however, there are times you may choose to perform them twice a year. Additionally, if recently completing a SOC 2 Type

What is a SOC 2?

The Service and Organization Controls 2 Report, formally known as a Service Organization Controls Report as of the most recent update to the SSAE 18 audit standard. A SOC 2 report

Get Our Emails

SOC Reporting Guide