With the ever increasing trend toward ‘outsourcing’ and the use of third parties to manage and process data, there is a very tangible need to manage the risk associated with these arrangements.

We provide third party assurance services to a wide range of clients across a number of sectors including banking, IT, asset management and insurance. Obtaining a SOC (Service Organisation’s System Controls) report is a value add and credible solution to the management and oversight of your third party providers and their respective risk and control environments.

These reports can take the form of SOC 1, 2 or 3 report or alternatively a tailored attestation report:

Partner Brendan Foster

Business Risk Services

Find out more
  • SOC 1 report – is an assurance report that reports on a service organization’s system of internal controls that are relevant to the internal controls over financial reporting of a user organisation.
  • SOC 2 / SOC 3 reports – focus on a business's non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and privacy of a system


Why choose Grant Thornton?

Grant Thornton performs all of its SOC engagements in accordance with the relevant professional assurance standards – i.e. ISAE 3402 or SSAE 18 (previously SSAE 16). Our clients attest that they derive tangible benefits from engaging a SOC assurance review and report annually. The ultimate benefit being one of protecting and enhancing the value of their business by:

  • achieving competitive advantage in the marketplace in having this control oversight mechanism in place;
  • adding weight to their business proposition and risk management capabilities in tendering for new business;
  • providing assurance to existing clients to support and protect their business relationship;
  • enhancing reputational credibility as an outsourced service provider in the market place;
  • achieving operational efficiency by reducing management time spent answering client and/or auditor queries;
  • supporting the proactive management of their control environment via identification and remediation of risk/ control matters raised in the SOC report itself; and
  • satisfying assurance requirements of other parties – such as Board of Directors/banks/regulators.

If you would like to know more about our Third Party Assurance service offerings please contact sara.mcallister@ie.gt.com or any member of the dedicated Third Party Assurance management team.