Last updated: May 2026
PBMares is a regional SOC 2 audit firm in Newport News, VA, USA that charges $20K–$55K for Type II audits with 4–8 month timelines. Founded in 1979, they hold 2 accreditations and specialize in SaaS, Healthcare, Financial Services, and 2 more. Their pricing is in the mid-range compared to the regional average of $20.955K–$57.773K.
Free · 90 seconds · Anonymous until PBMares replies
Note: Pricing shown is estimated based on typical engagements. Use our SOC 2 cost calculator for a personalized estimate.
of Regional firms charge more for Type II
of Regional firms have longer minimum timelines
certifications (tier avg: 2)
Side-by-side pricing, timeline, and certification counts for the 5 closest-priced peers in the regional tier.
| PBMares | Crowe MacKay LLP | Holbrook & Manter | Tanner LLC | Councilor, Buchanan & Mitchell (CBM) | Linford & Company | |
|---|---|---|---|---|---|---|
| Type II Cost | $20K–$55K | $25K–$50K | $20K–$55K | $20K–$55K | $20K–$55K | $18K–$58K |
| Type I Cost | $15K–$40K | $15K–$30K | $15K–$40K | $15K–$40K | $15K–$40K | $13K–$35K |
| Timeline | 4–8 mo | 4–11 mo | 4–8 mo | 4–8 mo | 4–8 mo | 3–8 mo |
| Team Size | 50-300+ | 450–500 | 50–300 | 99–300 | 50–300 | 25–35 |
| Certifications | 2 | 2 | 1 | 2 | 1 | 2 |
| Founded | 1979 | 1969 | 1919 | 1946 | 1921 | 2008 |
For buyers in SaaS and Healthcare, PBMares fits the regional profile when timeline (4–8 months) and Type II pricing ($20K–$55K) align with what regional firms typically deliver. Their 2 active accreditations — including PCI-QSA — extend that fit beyond pure SOC 2 into adjacent compliance frameworks.
Mid-market SaaS, consulting, and government contractors seeking hands-on SOC 2 guidance with deep industry expertise.
CPA firm combining licensed CPAs with cybersecurity professionals, offering industry-specific SOC 2 expertise and practical business value beyond compliance.
of 5 criteria match. Get a personalized quote
Visit PBMares's website directly, or request a quote anonymously through us — we route your scope to PBMares and have a price back to you in 48 hours without revealing your identity until you decide to engage.
5 industries — Regional average: 5
2 certifications — Regional average: 2
Standard CPA workpapers
PBMares SOC 2 Type I audits typically range from $15K to $40K. Type II audits range from $20K to $55K. This is in the mid-range for regional firms — the regional tier average is $20.955K–$57.773K. Final pricing depends on your organization's scope, number of trust service criteria, and system complexity.
A buyer-side checklist. Bring these to your first call — the answers separate firms that have run hundreds of SOC 2 engagements from firms that are bidding on them.
Tell us your scope. We'll route it to PBMares and have a price back to you, anonymously, in 48 hours.
Want to compare? See 22 similar regional firms · or just ask us to get 3 quotes instead
Auditor-process side: what changes about the SOC 2 engagement when HIPAA mapping is in scope. Evidence-file boundaries, bridge-letter cadence, and which firms in our directory deliver it.
A complete 2026 guide to SOC 2 for healthcare companies. Learn how SOC 2 maps to HIPAA, prioritize Trust Services Criteria, and prepare for your audit.
Get a complete guide to SOC 2 for SaaS companies. Learn costs ($15k-$400k+), timelines, TSCs, auditor selection, & accelerate enterprise sales.
Menu
