Recently, we have noticed that clients of service organizations are asking for a “SOC” report in general, and not necessarily specifying which type of report they are looking for [i.e., SOC 1 (f. SSAE 16), SOC 2, or SOC 3].
Tag: Processing Integrity
SOC 2 Common Criteria vs. Old TSPs
On December 15, 2014, the new SOC 2 Common Criteria took effect. What does that mean for your SOC 2 audit?
Signs You Should be Receiving a SOC Report/Examination
A SOC (Service Organization Control) report is a report on controls at a service organization related to various types of subject matter, for example: controls that affect user entities’ financial reporting; controls that affect the security, availability, and processing integrity of the systems; or the confidentiality or privacy of the information processed for user entities’ clients.