SOC 1 report: Difference between revisions

From ACT Wiki
Jump to navigationJump to search
imported>Doug Williamson
(Create page. Sources: The Treasurer Dec 18 / Jan 19, p25 & Techtarget webpage https://searchcloudsecurity.techtarget.com/definition/Soc-1-Service-Organization-Control-1)
 
imported>Doug Williamson
(Add link.)
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
''Information technology - standards.''
''Information technology - standards.''


A SOC 1 report covers Service Organization Controls. These are internal controls that are likely to be relevant to an audit of financial statements.
A SOC 1 report covers Service Organisation Controls. These are internal controls that are likely to be relevant to an audit of a service organisation's customer's financial statements.


A SOC 1 report is written documentation of the internal controls that are likely to be relevant to an audit of a customer’s financial statements.
A SOC 1 report is written documentation of the relevant internal controls.




SOC 1 is divided into Type 1 and Type 2 reports.  
SOC 1 is divided into Type 1 and Type 2 reports.  


*A Type 1 reports on a service organization’s suitability of design of controls on a specific date
*A Type 1 reports on a service organisation’s suitability of design of controls on a specific date
*A Type 2 reports on the effectiveness of the control design over a period of time.
*A Type 2 reports on the effectiveness of the control design over a period of time.




== See also ==
== See also ==
* [[Cloud computing]]
* [[Information security management system]]
* [[Information security management system]]
* [[Internal control]]
* [[Internal control]]
Line 18: Line 19:
* [[Risk management]]
* [[Risk management]]
* [[Security]]
* [[Security]]
* [[SOC 2 report]]


[[Category:Accounting,_tax_and_regulation]]
[[Category:Accounting,_tax_and_regulation]]
[[Category:Technology]]
[[Category:Technology]]

Latest revision as of 18:37, 19 April 2019

Information technology - standards.

A SOC 1 report covers Service Organisation Controls. These are internal controls that are likely to be relevant to an audit of a service organisation's customer's financial statements.

A SOC 1 report is written documentation of the relevant internal controls.


SOC 1 is divided into Type 1 and Type 2 reports.

  • A Type 1 reports on a service organisation’s suitability of design of controls on a specific date
  • A Type 2 reports on the effectiveness of the control design over a period of time.


See also

Retrieved from ‘https://wiki-dev.treasurers.org/w/index.php?title=SOC_1_report&oldid=42644