Sign in
get started
Sign in
get started
PCI DSS is now live in Drata. Learn More

SOC 1

Back to the Security & Compliance Glossary

JOIN THE HUNDREDS OF COMPANIES THAT TRUST DRATA
Trusted by the best:
Abnormal
Lemonade_logo
external-content.duckduckgo
Bamboo_HR_logo
logo for notion
clearbanc
smart-recruiters
Previous
Next

Terms

What is SOC 1?

A Service Organization Control 1 or SOC 1 report is documentation of the internal controls that are likely to be relevant to an audit of a customer’s financial statements.

There are two types of reports for these engagements:

  • Type 1 – report on the fairness of the presentation of management’s description of the service organization’s system and the suitability of the design of the controls to achieve the related control objectives included in the description as of a specified date.
  • Type 2 – report on the fairness of the presentation of management’s description of the service organization’s system and the suitability of the design and operating effectiveness of the controls to achieve the related control objectives included in the description throughout a specified period.

Use of these reports is restricted to, your company, your customers, and your auditors. If you’d like a report you can share publicly, you may want a SOC 3.

Drata Customer Case Studies

Subscribe & receive the latest content.

Subscribe & receive the latest content.

PUT COMPLIANCE ON AUTOPILOT

Get Started Today

Close more sales and build trust faster while eliminating the hundreds of hours of manual work that used to go into maintaining your SOC 2 report and ISO 27001 certification.

Get Started

joe-reeve2
Case Study:

Learn how Iteratively used Drata to get their SOC 2 report faster than most thought possible, and now monitor their security & compliance posture…

Read More