FAQ: We have a small company, how do we segregate Board of Directors from Management, and then, also the Internal Audit function?

FAQ: We have a small company, how do we segregate Board of Directors from Management, and then, also the Internal Audit function?

Depending on the size of your Company, you could look to another small business owner in a similar situation or trusted advisor to sit on each others board’s and create the necessary segregation. As always, consult with your auditor before taking any structural changes.

Additional FAQs

How often is a SOC 2 audit required?

SOC 2 Type II audits should be performed annually, however, there are times you may choose to perform them twice a year. Additionally, if recently completing a SOC 2 Type

What is SSAE 18 (formerly SSAE 16)?

A SOC 1 Type 1 report typically costs on average anywhere between $10,000 and $20,000 USD, without the readiness assessment project which most Organizations benefit from and can be an

How long does a SOC 1 take to complete?

This depends on how prepared and how many resources an Organization has to dedicate to the project. The first time through, usually a readiness assessment would be performed, and then

SOC 1 or HITRUST?

The SOC 1 has a completely different purpose than HITRUST. Typically a company would perform both if they are a TPA processing medical claims and other claims, where, there is

Get Our Emails

SOC Reporting Guide