Audit requirement

We are currently facing challenges in obtaining the following information from greythr:

1. IPE Reports: EY Audit team requests, the greythr to provide the IPE reports.

EY ALSO POINTED OUT THAT
2. SOC 1 Type 2 Report: The vendor, asserts that GreytHR do not perform financial transactions and therefore cannot provide a SOC 1 Type 2 report. However, our understanding is that GreytHR is utilized for Attendance, Leaves, Payroll, Expenses, and Assets, which directly or indirectly influence the financial statements. As a result, the absence of a SOC 1 Type 2 report prevents us from evaluating the effectiveness of internal controls that could impact the financial reporting.

We would appreciate your immediate assistance in resolving these matters. With the Board Meeting date approaching in just ten days, we need to either finalize these open items or document any necessary exceptions.

Hi Kousik,

Welcome to greytHR Community - Thanks for contributing.
We could see that the relevant audit documents are shared with you already.

On the SOC1 Type 2, this is advised from our Auditors as we are not providing any payment gateway solution or PCI related services, this is not a required audit as of now. Hope you are in receipt of our SOC2 Type II report?

We strive as best as we can to ensure our clients compliance requirements are satisfactorily met. Thank You

Request kindly update your ticket with specific queries to help us track and close it effectively.