SOC 2 compliance reports
An effective SOC 2 examination (often referred to as a SOC 2 audit) should do more than deliver assurance to your clients that you handle their data properly—it should improve your business’ ability to do so. There are two types of reports, a Type 1 examination, and a Type 2 examination.
A SOC 2, Type 1 examination is an important step toward providing the assurance that you and your clients need. The SOC 2, Type 1 examines the description you have provided of the internal controls in your system, and it measures that description against the AICPA’s Trust Service Principles. It serves as a stepping-stone for the SOC 2, Type 2 that examines whether or not your system of controls actually functions as described. After all, if you haven’t designed a system that can meet the principles, then there’s no point in going through the additional expense of testing the system to see if it functions as designed.
Through the Auditwerx SOC Readiness Assessment, we work with our clients to help them understand what controls need to be in place to earn a favorable SOC 2 compliance and identify any gaps between their current controls and the desired system.
Our "SOC Report Executive Summary" provides additional details on all three SOC Reports. Download it for free below.