•  Home
  •  Dashboard
  •  Company
    • About Us
    • Blog
    • Careers
    • Contact Us
    • Data Centers
    • Looking Glass
    • Network
    • Reseller
  •  Hosting Services
    • Infrastructure
      • iColocation
    • Compute
      • cMetal
      • cVirtual
    • Storage
      • sObject
      • sBlock
    • Networking
      • nCDN
      • nIP Transit
      • nWavelength
    • Protection
      • pBackup
      • pDDoS
  •  Solutions
    • Ecommerce
    • Finance
    • Gaming
    • Hosting
    • Management
    • Security
    • System Integrator
  •  Support
    • Community
    • Knowledge Base
    • Open A Ticket
  •  USA & Canada: 800-933-1517
  •  International: 626-549-2801
  •  Email: sales@psychz.net
  • Services
    • new-colocation-header-img
      Infrastructure
      • iColocation
    • new-compute-header-img
      Compute
      • cMetal
      • cVirtual
    • new-storage-header-img
      Storage
      • sObject
      • sBlock
    • new-networking-header-img
      Networking
      • nCDN
      • nIP Transit
      • nWavelength
    • new-protection-header-img
      Protection
      • pBackup
      • pDDoS
  • Solutions
    • Ecommerce
    • Security
    • Gaming
    • Hosting
    • Management
    • Finance
    • System Integrator
  • Dashboard

soc 1 vs soc 2

  • Home
  • Client
  • Qa Forum
  • soc 1 vs soc 2

Posted By: Manny | 1 Replies | Last Reply On: May 25, 2017 08:14:37

what is the difference between soc 1 and soc 2? 

Psychz - Ganesh

Votes: 0Posted On: May 25, 2017 08:14:37
 

The Service Organization Control (SOC) framework was introduced as a new reporting platform by the American Institute of Certified Public Accountants (AICPA) and replaced the SAS 70 reporting framework. The Soc reports are reports by independent auditors on an organization's independent controls. 

Imagine you are a service based company providing service to your customers. Those services might have an impact on the customers. The SOC reports are a way to make sure that the controls surrounding your services that might affect the customer are implemented properly.
Nowadays, the service organizations are evaluated in the market by their possession of SOC reports. Hence, it has become pivotal for every organization whether service based or user based to undergo SOC audit and possess a SOC report.

The SOC 1 and SOC 2 reports are two types of reports focused on different controls of an organization. A common question is generally raised by the organizations on which report is suitable for them. It usually depends on the services you are providing to the customers/users. Sometimes you might need to go through both SOC 1 and SOC 2 audits. Here are some comparisons between the SOC 1 and SOC 2 reports that will help you choose better between the two. 

 

SOC 1 or SSAE 16 Reports

The SOC 1 reports are also called as SSAE 16 (Statement on Standards for Attestation Engagements) reports. These reports focus on the examination of controls pertaining to the financial reporting process. Organizations that undergo SOC 1 examination and issue SOC 1 reports are those that manage a process that impacts their users/customers financial statements. Some of the examples that come to mind are Payroll process, billing, revenue processes etc. A SOC1 report is of two types.

1. SOC 1 – Type I audit report focuses on a description of a service organization’s control and the suitability of how those controls are designed to achieve the control objectives as of a specified dates.
2. SOC 1 –Type II audit report contains the same opinions as a Type I, but it adds an opinion on the operating effectiveness to achieve related control objectives throughout a specified period. 


SOC 2 Reports

The SOC 2 reports focus on the operation and compliance part of an organization. The organizations focusing on certain areas issue SOC 2 reports. These areas are discussed below.

1. The security of the processes of service organization.
2. The availability of a service organization's system.
3. The service organization system processing integrity
4. The confidentiality of the information that the service organization's system processes or maintains for user entities.
5. The privacy of the user/customer's personal data.

The organizations that come under the SOC 2 reports are the ones that are responsible for managing highly sensitive data, manage transactions or classified information among others. Some of the organizations are data centers, colocation facilities, cloud service providers and software service providers.

These were some of the basic comparisons between SOC 1 and SOC 2 reports that will help you evaluate which report is appropriate for your services. 

Was this reply helpful?

Related topics

  • Best Dedicated Server Providers In Dallas: A Comprehensive Guide
  • Best 10Gbps Unmetered Dedicated Servers - Top 10 List
  • Best 10Gbps Unmetered Dedicated Server In North America - Top 10 List
  • sObject - S3 Browser Guide
  • Windows Server 2008 Hosting
  • Top SQL Databases
  • Smart guide to managing Docker container
  • NFT Domains - A new generation of domains
  • How much is 1U Rack Space?
  • Dedicated Hosting In America
  • Continuous Server Backup
  • Colocation and its basics you need to know
  • CDN Intro
  • Access Logs
  • 100TB Server Cost
Copyright © 2025 Psychz Networks,
A Profuse Solutions Inc Company
Hosting Services
Infrastructure
  • iColocation
Compute
  • cMetal
  • cVirtual
Storage
  • sObject
  • sBlock
Networking
  • nCDN
  • nIP Transit
  • nWavelength
Protection
  • pBackup
  • pDDoS
Company
  • About Us
  • Blog
  • Careers
  • Contact Us
  • Data Centers
  • Looking Glass
  • Network
  • Reseller
Policies
  • Acceptable Usage Policy
  • Privacy Policy
  • Service Level Agreement
  • Terms and Conditions
Support
  • Community
  • Knowledge Base
  • Open A Ticket
Get In Touch
  • Psychz Networks,
    A Profuse Solutions Company
    611 Wilshire Blvd #300
    Los Angeles,California 90017
    USA
  • US/Canada: 800-933-1517
  • International: 626-549-2801