What is a service organization control (SOC) report?
A service organization control report is intended to build trust and confidence for user organizations that rely on service organizations. Basically, a service organization provides services to a user company, and the SOC report is prepared by a firm to make sure that the service organization has proper controls around their processes.
There are two types of SOC reports that can be prepared by a service auditor. A type 1 report only assesses the design and implementation of a service organizations internal controls. A type 2 report assesses the design and implementation, but also assesses the operating effectiveness of the internal controls.
Back To All Questions