System and Organization Controls (SOC)
GPTKB entity
Statements (49)
Predicate | Object |
---|---|
gptkbp:instanceOf |
audit framework
|
gptkbp:abbreviation |
SOC
|
gptkbp:developedBy |
gptkb:American_Institute_of_Certified_Public_Accountants
|
gptkbp:focusesOn |
gptkb:security
privacy availability confidentiality internal controls processing integrity |
gptkbp:governingBody |
gptkb:AICPA
|
gptkbp:hasType |
gptkb:SOC_1
gptkb:SOC_2 gptkb:SOC_3 SOC for Cybersecurity SOC for Supply Chain |
https://www.w3.org/2000/01/rdf-schema#label |
System and Organization Controls (SOC)
|
gptkbp:introducedIn |
2011
|
gptkbp:preparedBy |
independent CPA firm
|
gptkbp:relatedStandard |
gptkb:Trust_Services_Criteria
COSO Framework |
gptkbp:reportsTo |
Type I
Type II |
gptkbp:reportUsedFor |
gptkb:legislation
vendor management customer assurance internal governance |
gptkbp:SOC_1 |
focusesOnFinancialReportingControls
reportTypeI reportTypeII usedByUserAuditors |
gptkbp:SOC_2 |
criteriaIncludesAvailability
criteriaIncludesConfidentiality criteriaIncludesPrivacy criteriaIncludesProcessingIntegrity criteriaIncludesSecurity focusesOnTrustServiceCriteria reportTypeI reportTypeII usedByManagementAndStakeholders |
gptkbp:SOC_3 |
focusesOnTrustServiceCriteria
reportTypeII usedForGeneralPublic |
gptkbp:SOC_for_Cybersecurity |
focusesOnEnterpriseCybersecurityRiskManagement
|
gptkbp:SOC_for_Supply_Chain |
focusesOnSupplyChainRiskManagement
|
gptkbp:usedFor |
cloud service providers
service organizations outsourced services |
gptkbp:bfsParent |
gptkb:SOC_1_compliance
|
gptkbp:bfsLayer |
6
|