Service Organization Control: Difference between revisions

From ACT Wiki
Jump to navigationJump to search
imported>Doug Williamson
(Create page. Sources: The Treasurer Dec 18 / Jan 19, p25 & Techtarget webpage https://searchcloudsecurity.techtarget.com/definition/Soc-1-Service-Organization-Control-1)
 
imported>Doug Williamson
(Add link.)
 
(5 intermediate revisions by the same user not shown)
Line 3: Line 3:
(SOC).
(SOC).


A Service Organization Controls refer to internal controls that are likely to be relevant to an audit of financial statements.
Service Organization Controls refer to internal controls that are likely to be relevant to an audit of a service organisation's customer's financial statements.
 
1 or Soc 1 (pronounced "sock one") report is written documentation of the internal controls that are likely to be relevant to an audit of a customer’s financial statements.
 
 
Soc 1 is divided into Type 1 and Type 2 reports. A Type 1 reports on a service organization’s suitability of design of controls on a specific date, while a Type 2 reports on the effectiveness of the control design over a period of time. Soc 1 reports are performed by a service auditor




== See also ==
== See also ==
* [[Audit]]
* [[Financial statements]]
* [[Information security management system]]
* [[Information security management system]]
* [[Internal control]]
* [[ISO 27001]]
* [[ISO 27001]]
* [[Risk management]]
* [[Risk management]]
* [[Security]]
* [[Security]]
* [[SOC 1 report]]
* [[SOC 1 report]]
* [[SOC 2 report]]


[[Category:Accounting,_tax_and_regulation]]
[[Category:Accounting,_tax_and_regulation]]
[[Category:Technology]]
[[Category:Technology]]

Latest revision as of 18:31, 19 April 2019

Information technology - standards.

(SOC).

Service Organization Controls refer to internal controls that are likely to be relevant to an audit of a service organisation's customer's financial statements.


See also

Retrieved from ‘https://wiki.treasurers.org/w/index.php?title=Service_Organization_Control&oldid=43689