SSAE
- SOC 1: This engagement reports on whether the organization’s service has effective internal controls related to financial reporting to protect customer data.
- SOC 2: This test examines internal security-related controls, including data availability, privacy, and integrity.
- SOC 3: Similar to SOC 2, this report confirms the validity of internal security controls without providing specific definitions of organizational systems. While SOC 1 and SOC 2 reports are available to customers using provider services, the SOC 3 report is for the general public, allowing potential consumers to see that the organization complies without disclosing any very important or confidential information about their operations and programs.
Recent Comments