Keiter

Keiter is a SOC 2 audit firm based in Glen Allen, VA serving smb and mid-market companies. They offers audit readiness assessments. Industry focus areas include SaaS, Technology, Financial Services, and others.

Keiter is a Virginia-based CPA firm offering SOC 1 and SOC 2 examinations through their Risk Advisory Services team. Their practice lead, Scott McAuliffe (CISA, CFE), has 25+ years in public accounting, including Sarbanes-Oxley, internal audit, and CMMC work. They also offer IT audit via Keiter Technologies.

Who Keiter May Be a Fit For

Based on the firm's listed attributes, Keiter may be a good match for the following types of buyers. Always confirm fit directly with the firm before engaging.

• Companies in SaaS, Technology, Financial Services, Healthcare, Government Contracting looking for an auditor with sector-specific experience.
• Organizations at the SMB, Mid-Market stage that need an auditor sized appropriately for their environment.
• Companies pursuing either a first-time Type I or a renewal Type II audit.

What to Evaluate Before Engaging This Firm

Before signing an engagement letter with any SOC 2 auditor, take time to verify the following. These factors apply broadly but are worth confirming for each firm on your shortlist.

Read more: How to choose a SOC 2 auditor · SOC 2 audit cost guide

Questions to Ask Keiter

Use these practical questions during an introductory call to evaluate fit, scope, and working style.

• How many SOC 2 audits does your team complete per year?
• What is your experience auditing companies in SaaS?
• Is pricing fixed-fee or time-and-materials?
• What is the expected timeline from kickoff to report delivery?
• Do you offer readiness assessments or gap analyses?
• Who will be my day-to-day point of contact?
• Can you share a sample engagement letter or report?

See all recommended questions: Questions to ask your SOC 2 auditor →

About Keiter and SOC 2 Audits

Does Keiter offer SOC 2 Type I and Type II audits?

Keiter offers SOC 2 Type I and SOC 2 Type II audit services. They can handle first-time engagements (Type I) and recurring audits that cover operating effectiveness over a review period (Type II).

What industries does Keiter have SOC 2 audit experience in?

Keiter serves clients in SaaS, Technology, Financial Services, Healthcare, Government Contracting. Sector-specific experience helps an auditor identify the controls that matter for your industry, anticipate regulatory overlaps, and avoid unnecessary back-and-forth during scoping.

What size companies does Keiter work with?

Keiter focuses on smb, mid-market organizations. An auditor matched to your company stage is more likely to scope the engagement correctly and offer pricing that fits your budget.

Does Keiter offer SOC 2 readiness assessments?

Keiter offers audit readiness support. A readiness assessment flags control gaps before the formal audit, so you can fix issues on your own timeline rather than scrambling during fieldwork.

What is Keiter's pricing model for SOC 2 audits?

Keiter uses a custom pricing model. Contact the firm directly for a quote tailored to your audit scope and company size.

How long does a SOC 2 audit take with Keiter?

Keiter's typical timeline is 4–8 weeks. Actual duration depends on audit type, company readiness, and the observation period for Type II engagements. Before signing, ask for a written timeline with milestones for readiness, observation, fieldwork, and report delivery.

Where is Keiter located?

Keiter is headquartered in Glen Allen, VA. SOC 2 audits are typically conducted remotely, so location is less important than industry experience and platform familiarity. That said, overlapping time zones can make scheduling easier.

Similar SOC 2 Audit Firms

Browse by Category

• SaaS SOC 2 auditors
• Technology SOC 2 auditors
• Financial Services SOC 2 auditors
• Healthcare SOC 2 auditors
• SMB SOC 2 auditors
• Mid-Market SOC 2 auditors