Type 2 SOC 1: Difference between revisions
From ACT Wiki
Jump to navigationJump to search
imported>Doug Williamson (Create page. Sources: linked pages.) |
imported>Doug Williamson (Add link.) |
||
(One intermediate revision by the same user not shown) | |||
Line 1: | Line 1: | ||
''Information technology - standards.'' | ''Information technology - standards.'' | ||
A SOC 1 report is written documentation of the internal controls that are likely to be relevant to an audit of a customer’s financial statements. | A SOC 1 report is written documentation of the internal controls that are likely to be relevant to an audit of a service organisation's customer’s financial statements. | ||
A Type 2 SOC 1 report covers the effectiveness of the control design over a period of time. | A Type 2 SOC 1 report covers the effectiveness of the control design over a period of time. | ||
Line 8: | Line 8: | ||
== See also == | == See also == | ||
* [[Information security management system]] | * [[Information security management system]] | ||
* [[Information technology]] | |||
* [[Internal control]] | * [[Internal control]] | ||
* [[ISO 27001]] | * [[ISO 27001]] |
Latest revision as of 06:57, 23 August 2019
Information technology - standards.
A SOC 1 report is written documentation of the internal controls that are likely to be relevant to an audit of a service organisation's customer’s financial statements.
A Type 2 SOC 1 report covers the effectiveness of the control design over a period of time.