SOC reports

GPTKB entity

Statements (55)
Predicate Object
gptkbp:instanceOf gptkb:audit
gptkbp:developedBy gptkb:AICPA
gptkbp:frequency typically annual
https://www.w3.org/2000/01/rdf-schema#label SOC reports
gptkbp:importantFor healthcare organizations
financial institutions
technology companies
cloud service providers
service organizations
outsourcing companies
gptkbp:issuedBy independent CPA firms
gptkbp:regulates gptkb:AICPA_standards
gptkbp:relatedTo risk management
compliance
internal controls
third-party assurance
gptkbp:SOC_1_audience user auditors and user entities
gptkbp:SOC_1_focus financial reporting controls
gptkbp:SOC_1_purpose report on controls relevant to user entities’ financial reporting
gptkbp:SOC_1_standard gptkb:SSAE_18
gptkbp:SOC_1_types Type I
Type II
gptkbp:SOC_2_audience management, regulators, and other specified parties
gptkbp:SOC_2_criteria gptkb:security
privacy
availability
confidentiality
processing integrity
gptkbp:SOC_2_focus IT and data controls
gptkbp:SOC_2_purpose report on controls relevant to security, availability, processing integrity, confidentiality, or privacy
gptkbp:SOC_2_standard gptkb:Trust_Services_Criteria
gptkbp:SOC_2_trust_services_categories gptkb:security
privacy
availability
confidentiality
processing integrity
gptkbp:SOC_2_types Type I
Type II
gptkbp:SOC_3_audience general public
gptkbp:SOC_3_focus public assurance of controls
gptkbp:SOC_3_purpose general use report on controls for public distribution
gptkbp:SOC_3_standard gptkb:Trust_Services_Criteria
gptkbp:SOC_for_Cybersecurity_focus enterprise-wide cybersecurity risk management
gptkbp:SOC_for_Supply_Chain_focus supply chain risk management
gptkbp:standsFor System and Organization Controls reports
gptkbp:type gptkb:SOC_1
gptkb:SOC_2
gptkb:SOC_3
SOC for Cybersecurity
SOC for Supply Chain
gptkbp:Type_I_definition report on suitability of design of controls at a point in time
gptkbp:Type_II_definition report on operating effectiveness of controls over a period of time
gptkbp:usedFor assessing controls at service organizations
gptkbp:bfsParent gptkb:SOC_1_compliance
gptkbp:bfsLayer 6