SOC 1

More Terms

HIPAA
ISO 27001
GRC
SOC reports
SOC 1
SOC 2
SOC 3
SSAE 16
SSAE 18
AICPA
SOC 2 auditor
SOC Trust Services Criteria
Compliance risk management
IT security policy
Vendor management policy
Vendor review
Vendor assessment
Security questionnaire
Compliance software
HIPAA employee training
HIPAA Rules
ISO27001 security standard

What is SOC 1? A Service Organization Control 1 or SOC 1 report is documentation of the internal controls that are likely to be relevant to an audit of a customer's financial statements.

There are two types of reports for these engagements:

  • Type 1 – report on the fairness of the presentation of management’s description of the service organization’s system and the suitability of the design of the controls to achieve the related control objectives included in the description as of a specified date.
  • Type 2 - report on the fairness of the presentation of management’s description of the service organization’s system and the suitability of the design and operating effectiveness of the controls to achieve the related control objectives included in the description throughout a specified period.

Use of these reports is restricted to,  your company, your customers, and your auditors. If you’d like a report you can share publicly, you may want a SOC 3.

Go back to glossary

Everything you need to get compliance audit ready, fast

Get Started
About
Careers
Glossary
Privacy PolicyTerms & Conditions
Vanta Inc. © -
We'll email you within 24 hours
Please enter your first name
Please enter your last name
Please enter a valid email address
Please enter your company website
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.