UASI System and Organization Controls (SOC) Report

AICPA SOC for Service Organizations

Overview

UASI System and Organization Controls (SOC) Report is an independent third-party examination report that demonstrates how UASI achieves key compliance controls and objectives. The purpose of this report is to help you and your auditors understand the UASI controls established to support operations and compliance.

What information does the UASI SOC 2® Report provide?
SOC 2®: Security, Availability & Confidentiality
What is the Report? A description of the UASI controls environment and external audit of UASI controls that meet the AICPA Trust Services Security, Availability, and Confidentiality Principles and Criteria
Under what Standard is the Audit Report Performed? SSAE No. 18, Attestation Standards: Clarification and Recodification, which includes AT-C section 105, Concepts Common to All Attestation Engagements, and AT-C section 205, Examination Engagements AICPA Guide, Reporting on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy (SOC 2®) TSP section 100, 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy (AICPA, 2017 Trust Services Criteria)
What’s the Primary Report Purpose? To provide customers and users with a business need with an independent assessment of UASI's control environment relevant to system security, availability, and confidentiality
Who is the Primary Report Audience? Users with a business need
What Period does the UASI Report Cover? 7 Months: 1/1/2018 – 7/31/2018
Which UASI services are in scope for the SOC 2® Report?

The covered UASI services that are already in scope for the SOC 2® Report are all revenue cycle services and the CodeIQ® software application.

Who performs the independent third-party audit of UASI for the SOC 2® Report?

MCM CPAs & Advisors LLP performs the SOC 2® audit.

Is a non-disclosure agreement (NDA) required to receive the UASI SOC 2® Report?

Yes, an NDA is required to review the UASI SOC 2® Report.

How do I request a UASI SOC 2® Report?

Customers may request a copy of the UASI SOC 2® Report by contacting the UASI Security Officer and executing the required NDA.

How often are the UASI SOC 2® Reports issued?

UASI issues SOC 2® Reports annually.

Contact us today to discuss your unique needs and objectives!