System and Organization Controls (SOC)

GPTKB entity

Statements (49)
Predicate Object
gptkbp:instanceOf audit framework
gptkbp:abbreviation SOC
gptkbp:developedBy gptkb:American_Institute_of_Certified_Public_Accountants
gptkbp:focusesOn gptkb:security
privacy
availability
confidentiality
internal controls
processing integrity
gptkbp:governingBody gptkb:AICPA
gptkbp:hasType gptkb:SOC_1
gptkb:SOC_2
gptkb:SOC_3
SOC for Cybersecurity
SOC for Supply Chain
https://www.w3.org/2000/01/rdf-schema#label System and Organization Controls (SOC)
gptkbp:introducedIn 2011
gptkbp:preparedBy independent CPA firm
gptkbp:relatedStandard gptkb:Trust_Services_Criteria
COSO Framework
gptkbp:reportsTo Type I
Type II
gptkbp:reportUsedFor gptkb:legislation
vendor management
customer assurance
internal governance
gptkbp:SOC_1 focusesOnFinancialReportingControls
reportTypeI
reportTypeII
usedByUserAuditors
gptkbp:SOC_2 criteriaIncludesAvailability
criteriaIncludesConfidentiality
criteriaIncludesPrivacy
criteriaIncludesProcessingIntegrity
criteriaIncludesSecurity
focusesOnTrustServiceCriteria
reportTypeI
reportTypeII
usedByManagementAndStakeholders
gptkbp:SOC_3 focusesOnTrustServiceCriteria
reportTypeII
usedForGeneralPublic
gptkbp:SOC_for_Cybersecurity focusesOnEnterpriseCybersecurityRiskManagement
gptkbp:SOC_for_Supply_Chain focusesOnSupplyChainRiskManagement
gptkbp:usedFor cloud service providers
service organizations
outsourced services
gptkbp:bfsParent gptkb:SOC_1_compliance
gptkbp:bfsLayer 6