Solutions to explore
Strategy and implementation
Educating board and senior leadership members on industry-specific trends
Performing current state assessments and analyzing current initiatives
Undertaking market research to understand what competitors and companies in your value chain are doing in the ESG area that will impact you
Prioritizing ESG topic focus areas and goals through a materiality assessment
Assisting with ESG questionnaires
Type 1 vs. Type 2 reports
SOC for Supply Chain
SOC 2 and SOC 3 reports
SOC for Cybersecurity
SOC 1 reports
CASE STUDY
CASE STUDY
Manufacturing and kitchen design company begins their ESG journey
Private equity firm packages existing initiatives to build ESG strategy
SOC 2 reports
Baker Tilly partners with Workiva to help organizations streamline risk management processes and compliance reporting
PRESS RELEASE
•Purpose: Reports on the effectiveness of the controls of the service organization related to operations, based on the selected trust services criteria (TSC)
•Scope: Governance, operational and information technology general controls that address one or more of the TSC categories: security, confidentiality, availability, processing integrity and privacy
•Audience: User organization’s information technology executives, compliance officers, vendor management executives, regulators, other specified parties and appropriate business partners
•Additional Criteria: SOC 2 reports can also include other suitable criteria, such as HITRUST, the HIPAA Security Rule and others
Learn more about
assurance services
Bond designation and post-issuance reporting
Title
ARTICLE
The AICPA has developed a report on an entity’s system and controls for producing, manufacturing or distributing goods to better understand the risks in an organization’s supply chain.
Tax strategy
2022 DevelUP: affordable housing workshop
RESOURCE
Do not confuse SOC 1 and SOC 2 with Type 1 and Type 2. Both a SOC 1 and a SOC 2 can be either a Type 1 or Type 2. The key differences are:
•Type 1 addresses the design of controls as of a point in time
•Type 2 addresses the operating effectiveness of controls over a period of time
•Type 1 reports provide less comfort to the intended audience of the report and are uncommon
Unsure which report best meets your organization's needs? Take the questionnaire below and tell us more about your reporting scenario.
Energy transition
Smart cities, district energy and decarbonization
Learn more about
energy transition services
With a volatile landscape, the process of monitoring, managing, and continuously advancing ESG projects is ongoing. We can support you in the continuous journey by creating custom dashboard solutions, assisting with reporting and communication development, and by monitoring any changes to ESG regulation requirements.
It is important for organizations to share their ESG story and communicate progress transparently with stakeholders. We can work with you to create meaningful messaging around their ESG vision, progress, and metrics by organizing, laying out and writing your ESG or sustainability report. We will focus on ensuring any reporting and/or communications to both internal and external stakeholders are consistent with your strategy, where you are in your ESG journey, the selected ESG framework, and the current environment.
Reporting and communications
Baker Tilly partners with Workiva to help organizations streamline risk management processes and compliance reporting
PRESS RELEASE
Evaluating electricity power projects
CASE STUDY
ARTICLE
Steel supplier and manufacturer received $32 million in NMTC financing for expansion
CASE STUDY
SOC for Cybersecurity is a framework that establishes common criteria and guidelines for providing assurance surrounding an organization’s cybersecurity risk management program. It enables organizations to report on their cybersecurity risk management programs to external stakeholders with the credibility associated with an independent auditor’s report.
– Second party opinions: Second-party opinions provide investors with an independent review and assessment declaring your organization’s financing is in line with industry-accepted standards for the ESG bond designation Typically, the available frameworks encourage and prefer that organizations report on certain bond-related metrics on a regular basis.
– Annual attest reporting: We can conduct a bond securitization review report AT-C 210, which is issued to fulfill regulatory disclosure requirements, depending on the ESG framework chosen. We can also assist with disclosure preparation and strategy for post-issuance and publish ESG-bond related reports.
Established to address other types of third-party risks outside of financial reporting, SOC 2 and 3 reports provide user organizations with assurance over the critical systems and sensitive data used to provide the outsourced services. Typically, these reports are used to meet vendor risk management requirements that customers may request surrounding security. While the two options have similar scope, a SOC 3 has less detail and, therefore, typically provides less value to report users.
SOC 1 reporting engagements provide user organizations comfort about the outsourced services performed by service organizations on their behalf, which are relevant to their internal controls over financial reporting.
•Purpose: Reports on the controls of the service organization that are relevant to the user organization's internal controls over financial reporting
•Scope: Controls related to the accuracy and completeness of financial data processing and information technology general controls
•Audience: User organization’s financial executives, compliance officers and financial statement auditors
–
–
–
–
–
–
–
–
–
Support enterprise leadership in understanding the tax impact of ESG related decisions by analyzing the current tax model, reviewing intercompany transfer pricing policies and reviewing compliance with reporting requirements
Architect an operating model to optimize the global tax rate within the enterprise ESG strategy
Implement desired operating model in compliance with local and international requirements
Develop ESG tax report for public disclosure or internal disclosure only (language subject to change)
Tax overlays ESG in many ways and building a sustainable tax strategy is nothing new to us. Related areas of specialty include: New Markets Tax Credits, Historic Tax Credits, multifamily housing, Property Assessed Clean Energy (PACE), research and development credits, tax transformation and automation and other various tax incentives related to environmental-friendly business functions.
SOC 3 reports
•Purpose: Same purpose as SOC 2 report
•Information required: Same information as SOC 2 report, but with a less detailed description of the controls of the service organization
•Audience: May be unrestricted and can be used by anyone who has the appropriate understanding of the subject matter and who would like confidence in the controls for the service organization