Service Organization Control

From ACT Wiki
Revision as of 20:39, 3 February 2019 by imported>Doug Williamson (Create page. Sources: The Treasurer Dec 18 / Jan 19, p25 & Techtarget webpage https://searchcloudsecurity.techtarget.com/definition/Soc-1-Service-Organization-Control-1)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

Information technology - standards.

(SOC).

A Service Organization Controls refer to internal controls that are likely to be relevant to an audit of financial statements. 

1 or Soc 1 (pronounced "sock one") report is written documentation of the internal controls that are likely to be relevant to an audit of a customer’s financial statements.


Soc 1 is divided into Type 1 and Type 2 reports. A Type 1 reports on a service organization’s suitability of design of controls on a specific date, while a Type 2 reports on the effectiveness of the control design over a period of time. Soc 1 reports are performed by a service auditor


See also

Retrieved from ‘https://wiki.treasurers.org/w/index.php?title=Service_Organization_Control&oldid=43683