Type 2 SOC 1: Difference between revisions
From ACT Wiki
Jump to navigationJump to search
imported>Doug Williamson (Expand first sentence.) |
imported>Doug Williamson (Add link.) |
||
Line 8: | Line 8: | ||
== See also == | == See also == | ||
* [[Information security management system]] | * [[Information security management system]] | ||
* [[Information technology]] | |||
* [[Internal control]] | * [[Internal control]] | ||
* [[ISO 27001]] | * [[ISO 27001]] |
Latest revision as of 06:57, 23 August 2019
Information technology - standards.
A SOC 1 report is written documentation of the internal controls that are likely to be relevant to an audit of a service organisation's customer’s financial statements.
A Type 2 SOC 1 report covers the effectiveness of the control design over a period of time.