Case Study: NeoSystems
Cherry Bekaert Helps NeoSystems Differentiate and Expand in the Market
NeoSystems Corp., a professional services company specializing in performing strategic back-office services for Government Contractors, needed to receive an SSAE16 Service Organization Controls (SOC 1) Report – previously SAS 70 – in order to satisfy client requests from their external auditors. As their business grew, so did their offerings. This prompted Cherry Bekaert to suggest that NeoSystems consider undertaking a SOC 2 audit to further differentiate them in the market. A SOC 2 audit is geared towards an organization providing services that don’t necessarily affect the financial reporting of their clients but impact mission critical elements of their customer’s business activities. Service Organizations, like NeoSystems, can choose to be audited against any, or all, of the five Trust Principles; security, availability, processing integrity, confidentiality and privacy; identified by the American Institute of Certified Public Accountants for a SOC 2.
Cherry Bekaert’s Guidance:
Having been a trusted financial advisor and resource to NeoSystems for many years, Cherry Bekaert worked with NeoSystems to identify areas of importance to their clients that would need to be audited as part of the SOC 2. In addition, Cherry Bekaert identified areas to leverage as part of the SOC 1 audit in order to increase efficiency and decrease the burden on NeoSystems’ internal resources. Using a dedicated management team responsible for overseeing both projects throughout the year ensured that these projects were completed on time and on budget, allowing NeoSystems to meet and exceed their customer’s expectations.
The end result of a SOC 2, a formal attestation report, can form an important part of stakeholders:
- organizational oversight,
- vendor management programs,
- internal corporate governance and risk management processes, and
- regulatory oversight
Having a SOC 1 and SOC 2 audit performed by Cherry Bekaert helped differentiate NeoSystems from its competitors while continuing to meet the needs of their growing client-base. As a result, the company has experienced an increase in new clients and is well positioned to handle large prospective clients currently in their pipeline that would most likely not have been a realistic target previously.
“Our customers look to us to provide a robust technical infrastructure to serve as a strong foundation from which they build many aspects of their business. It is extremely important to us that we provide our clients with an independent assessment of our technical environment and processes so that they have peace of mind that their systems will have a very high degree of availability and that their information is secure and protected. Cherry Bekaert realizes the important role we play with our clients and works with us to make sure that our systems, processes and controls are the best in the business.”
“As more and more companies look to leverage the productivity gains and cost efficiencies of cloud computing, we have seen our customers focus on availability and security increase ten fold. Having both a SOC 1 and SOC 2 certification has allowed us to successfully address the concerns of our clients, even those who are publicly traded or those that deal with classified contracts. There’s no doubt that Cherry Bekaert has helped us by examining our technical environment, controls and processes. Creating an environment our clients can trust has allowed us to grow our own business with the confidence of our customers.”