TPApril Posted Friday at 06:15 PM Posted Friday at 06:15 PM Very small TPA firm - a SOC Report has been requested. I'm curious if other small TPA firms have audits or documentation of their processes/systems prepared for them?
Pam Shoup Posted 21 hours ago Posted 21 hours ago It would depend upon the nature of the services being performed by the TPA. If they are strictly providing plan document, plan testing and 5500 services, then I am not sure what the value of the SOC 1 would be to the auditor. The auditor is basically going to be re-performing those functions as part the audit and not relying on anything in a SOC 1 report. If the TPA firm is providing recordkeeping services or somehow has authority to authorize plan transactions, then a SOC 1 would allow some reliance from the auditing firm on the SOC 1 report, and they would not have to re-perform every transaction in the plan. I would ask the recordkeeper for their SOC 1 & 2 report and provide a copy to the auditor. The auditor could also be asking you for your SOC 2 report. I would clarify with them what they need. Peter Gulia 1 Pamela L. Shoup CEBS, RPA, QKA
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now