SOC and SSAE 18 Reporting: Practical Tips and Strategies Explored

Shabbir has a decade of experience providing cross-functional services to clients, including SOC reporting, financial and IT assurance and advisory, risk management, SOX 404 compliance and forensic accounting for multiple mid-sized to large companies. Shabbir performs and leads System and Organization Controls (SOC) audits, including readiness assessments, gap analysis, documentation of process narratives, testing and remediation of business and IT controls, and preparation and issuance of reports. He also has substantial experience in advisory services including managing several internal audit outsourcing/co-sourcing projects through developing and executing financial and IT risk assessments, and assessing IT general, application and cybersecurity processes and controls to determine if controls are suitably designed and operating effectively relative to the clients’ size, complexity and risk appetite.

Steve brings a real energy to client engagements. Trusted for both his technical and business savvy, he continuously seeks ways to improve and grow, including learning about new ideas and techniques that may help clients achieve greater success. Steve remains dedicated to working beyond what is expected without being asked, communicating early and often, and treating clients and colleagues with respect.

With more than 30 years as a CPA, including national firm experience, Steve is one of the firm’s technical resources for the application and implementation of audit and attest requirements, as well as the proper presentation of GAAP financial statement disclosures. He also has deep expertise in the area of SOC 1 and SOC 2 reports. In addition to not-for-profit entities, Steve works with clients in a variety of industries, including manufacturing and distribution.