SOC 1 report

From ACT Wiki
Jump to navigationJump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Information technology - standards.

A SOC 1 report covers Service Organisation Controls. These are internal controls that are likely to be relevant to an audit of a service organisation's customer's financial statements.

A SOC 1 report is written documentation of the relevant internal controls.


SOC 1 is divided into Type 1 and Type 2 reports.

  • A Type 1 reports on a service organisation’s suitability of design of controls on a specific date
  • A Type 2 reports on the effectiveness of the control design over a period of time.


See also