UASI System and Organization Controls (SOC) Report
UASI System and Organization Controls (SOC) Report is an independent third-party examination report that demonstrates how UASI achieves key compliance controls and objectives. The purpose of this report is to help you and your auditors understand the UASI controls established to support operations and compliance.
|SOC 2®: Security, Availability & Confidentiality|
|What is the Report?||A description of the UASI controls environment and external audit of UASI controls that meet the AICPA Trust Services Security, Availability, and Confidentiality Principles and Criteria|
|Under what Standard is the Audit Report Performed?||SSAE No. 18, Attestation Standards: Clarification and Recodification, which includes AT-C section 105, Concepts Common to All Attestation Engagements, and AT-C section 205, Examination Engagements AICPA Guide, Reporting on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy (SOC 2®) TSP section 100, 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy (AICPA, 2017 Trust Services Criteria)|
|What’s the Primary Report Purpose?||To provide customers and users with a business need with an independent assessment of UASI's control environment relevant to system security, availability, and confidentiality|
|Who is the Primary Report Audience?||Users with a business need|
|What Period does the UASI Report Cover?||7 Months: 1/1/2018 – 7/31/2018|
The covered UASI services that are already in scope for the SOC 2® Report are all revenue cycle services and the CodeIQ® software application.
MCM CPAs & Advisors LLP performs the SOC 2® audit.
Yes, an NDA is required to review the UASI SOC 2® Report.
Customers may request a copy of the UASI SOC 2® Report by contacting the UASI Security Officer and executing the required NDA.
UASI issues SOC 2® Reports annually.