AuditXYZ

Audit Firm

RSM US LLP

Chicago, IL(HQ)New York, NYSan Francisco, CABoston, MADallas, TXRemote (US nationwide)
Frameworks:soc-1soc-2iso-27001hipaapci-dsshitrustnist-csfnist-800-53fedrampcmmcgdprccpa
Request quoteVisit website
FirmRSM US LLP
HQChicago, IL
Founded1926
Employees13000-15000
Websitersmus.com
Typical Cost$25,000–$120,000
Frameworks
soc-1soc-2iso-27001hipaapci-dsshitrustnist-csfnist-800-53fedrampcmmcgdprccpa

Frameworks Offered

soc-1soc-2iso-27001hipaapci-dsshitrustnist-csfnist-800-53fedrampcmmcgdprccpa

RSM US LLP Auditor Profile

RSM US LLP is the fifth-largest accounting and advisory firm in the United States and a member of RSM International, the sixth-largest global network. With more than 13,000 professionals across 80+ US offices, RSM is the dominant mid-market audit firm, serving companies that need Big Four capabilities without Big Four pricing.

What RSM US Does Well

Mid-market dominance is RSM's defining position. The firm is purpose-built for companies with revenues between $10 million and $1 billion, and their audit methodology, staffing model, and pricing are all calibrated for this segment. They audit more middle-market companies than any other firm in the US.

Framework breadth matches the largest firms. RSM holds credentials for SOC 1, SOC 2, ISO 27001, HIPAA, HITRUST, FedRAMP, and CMMC, allowing clients to consolidate multiple frameworks with a single firm. Their cybersecurity risk consulting team adds penetration testing and vulnerability assessments.

National reach with local presence means RSM can staff engagements locally across 80+ offices while drawing on national centers of excellence for specialized frameworks like FedRAMP and CMMC. This combination of geographic coverage and deep expertise is difficult for smaller firms to replicate.

Engagement Process

RSM's compliance engagements follow a disciplined methodology that begins with a thorough scoping and planning phase. Dedicated engagement teams include partners, managers, and staff with framework-specific certifications. Evidence collection is structured and increasingly leverages compliance automation platforms. RSM provides regular status updates and aims for predictable timelines.

Pricing Expectations

SOC 2 Type II audits for mid-market companies typically range from $30,000 to $60,000. ISO 27001 certification starts at $25,000. Complex multi-framework engagements for larger organizations can reach $120,000 or more. RSM's pricing reflects its position between boutique firms and the Big Four.

Who Should Choose RSM US

RSM is the ideal choice for mid-market companies seeking a top-tier audit firm with national scale, deep framework expertise, and pricing below the Big Four. Organizations pursuing multiple compliance frameworks or planning international expansion benefit from RSM's global network.

Request a Quote

Request a quote from RSM US LLP

By submitting, you agree to our privacy policy.

Similar firms

A-LIGN
soc-2
A-LIGN is one of the largest and most recognized compliance audit firms in the United States. Profile includes pricing, framework coverage, reviews, and engagement process.
View
A-Systems
iso-27001
A-Systems is a UAE-based ISO certification body offering ISO 27001, ISO 27701, and ISO 22301 certification audits for organizations in the Middle East.
View
Accredia Accredited Certification Bodies
iso-27001
Accredia is Italy's national accreditation body, accrediting ISO certification bodies to deliver ISO 27001, ISO 27701, and management system certifications in the Italian market.
View
AENOR
iso-27001
AENOR is Spain's national standards and certification body offering ISO 27001, ISO 27701, ENS, and management system certifications across Spain and Latin America.
View