Terms
- AICPA
- CMMC
- Compliance Risk Management
- Compliance Automation Software
- Cybersecurity
- FedRAMP
- GDPR
- GRC
- HIPAA
- HIPAA Employee Training
- HIPAA Rules
- HIPAA Breach
- ISO 27001
- ISO 27001 Security Standard
- IT Security Policy
- Protected Health Information
- Risk Assessment
- Security Questionnaire
- SOC 1
- SOC 2
- SOC 2 Auditor
- SOC 3
- SOC Reports
- Trust Services Criteria (TSC)
- SSAE 16
- SSAE 18
- Vendor Assessment
- Vendor Management Policy
- Vendor Review
- Vulnerability Management
What is SOC 1?
A Service Organization Control 1 or SOC 1 report is documentation of the internal controls that are likely to be relevant to an audit of a customer's financial statements.
There are two types of reports for these engagements:
- Type 1 – report on the fairness of the presentation of management's description of the service organization's system and the suitability of the design of the controls to achieve the related control objectives included in the description as of a specified date.
- Type 2 - report on the fairness of the presentation of management's description of the service organization's system and the suitability of the design and operating effectiveness of the controls to achieve the related control objectives included in the description throughout a specified period.
Use of these reports is restricted to, your company, your customers, and your auditors. If you'd like a report you can share publicly, you may want a SOC 3.
Subscribe and receive the latest content.
Get Started Today
Close more sales and build trust faster while eliminating the hundreds of hours of manual work that used to go into maintaining your SOC 2 report.