SOC logos are available for use by service organizations that have undergone a SOC 1 (formerly SSAE 16), SOC 2, or SOC 3 engagement within the prior 12 months.
The content varies between a Type 1 and Type 2 report, and, in most cases, not all of the Trust Services Principles and Criteria are included in the report; however, the general structure of the SOC 2 report remains the same
In a SOC 2 examination, two of the five Trust Services Principles and Criteria are Privacy and Confidentiality. These two principles can be confusing and may seem to overlap.
It is easy to feel overwhelmed by all of the terminology surrounding an audit. Here is a list of frequently used terms and their meanings: