SOC 1 and SOC 2 Testing Procedures

During a SOC 1 or SOC 2 engagement, the auditor uses four main techniques to test each control in place at the service organization: inquiry, observation, examination or inspection of evidence, and re-performance. These tests help the auditor develop an opinion on the suitability of the design and the operating effectiveness of controls in place at the service organization.